Option to handle Cloudflare proxied records

This change imports records that are marked as proxied so that they can be synced to other DNS providers as described in [this support acticle](https://support.cloudflare.com/hc/en-us/articles/115000830351-How-to-configure-DNS-for-CNAME-partial-setup-when-managing-DNS-externally). Records that use this functionality will be ignored by this provider and not be synced back to Cloudflare as we don't know the origin record values that would be required. This change does not allow you to enable, disable or configure the CDN itself as that would require a lot of metadata to be handled by OctoDNS. The intention of this change is to allow users to run a multi-DNS provider setup without sending any traffic to their origin directly. See also github/octodns#45
8 years ago · b5e7af0398
--- a/octodns/provider/cloudflare.py
+++ b/octodns/provider/cloudflare.py
@ -14,14 +14,14 @@ from ..record import Record, Update
 from .base import BaseProvider


 class CloudflareAuthenticationError(Exception):
 class CloudflareError(Exception):

    def __init__(self, data):
        try:
            message = data['errors'][0]['message']
        except (IndexError, KeyError):
            message = 'Authentication error'
        super(CloudflareAuthenticationError, self).__init__(message)
        super(CloudflareError, self).__init__(message)


 class CloudflareProvider(BaseProvider):
@ -34,6 +34,12 @@ class CloudflareProvider(BaseProvider):
        email: dns-manager@example.com
        # The api key (required)
        token: foo
        # Import CDN enabled records as CNAME to {}.cdn.cloudflare.net. Records
        # ending at .cdn.cloudflare.net. will be ignored when this provider is
        # not used as the source and the cdn option is enabled.
        #
        # See: https://support.cloudflare.com/hc/en-us/articles/115000830351
        cdn: false
    '''
    SUPPORTS_GEO = False
    # TODO: support SRV
@ -43,9 +49,10 @@ class CloudflareProvider(BaseProvider):
    MIN_TTL = 120
    TIMEOUT = 15

    def __init__(self, id, email, token, *args, **kwargs):
    def __init__(self, id, email, token, cdn=False, *args, **kwargs):
        self.log = getLogger('CloudflareProvider[{}]'.format(id))
        self.log.debug('__init__: id=%s, email=%s, token=***', id, email)
        self.log.debug('__init__: id=%s, email=%s, token=***, cdn=%s', id,
                       email, cdn)
        super(CloudflareProvider, self).__init__(id, *args, **kwargs)

        sess = Session()
@ -53,6 +60,7 @@ class CloudflareProvider(BaseProvider):
            'X-Auth-Email': email,
            'X-Auth-Key': token,
        })
        self.cdn = cdn
        self._sess = sess

        self._zones = None
@ -65,8 +73,8 @@ class CloudflareProvider(BaseProvider):
        resp = self._sess.request(method, url, params=params, json=data,
                                  timeout=self.TIMEOUT)
        self.log.debug('_request:   status=%d', resp.status_code)
        if resp.status_code == 403:
            raise CloudflareAuthenticationError(resp.json())
        if resp.status_code == 400 or resp.status_code == 403:
            raise CloudflareError(resp.json())
        resp.raise_for_status()
        return resp.json()

@ -88,6 +96,18 @@ class CloudflareProvider(BaseProvider):

        return self._zones

    def _data_for_cdn(self, name, _type, records):
        self.log.info('CDN rewrite for %s', records[0]['name'])
        _type = "CNAME"
        if name == "":
            _type = "ALIAS"

        return {
            'ttl': records[0]['ttl'],
            'type': _type,
            'value': '{}.cdn.cloudflare.net.'.format(records[0]['name']),
        }

    def _data_for_multiple(self, _type, records):
        return {
            'ttl': records[0]['ttl'],
@ -170,8 +190,8 @@ class CloudflareProvider(BaseProvider):
        return self._zone_records[zone.name]

    def populate(self, zone, target=False, lenient=False):
        self.log.debug('populate: name=%s, target=%s, lenient=%s', zone.name,
                       target, lenient)
        self.log.debug('populate: name=%s, cdn=%s, target=%s, lenient=%s',
                       zone.name, self.cdn, target, lenient)

        before = len(zone.records)
        records = self.zone_records(zone)
@ -186,12 +206,18 @@ class CloudflareProvider(BaseProvider):
            for name, types in values.items():
                for _type, records in types.items():

                    # Cloudflare supports ALIAS semantics with root CNAMEs
                    if _type == 'CNAME' and name == '':
                        _type = 'ALIAS'
                    # rewrite Cloudflare proxied records
                    if self.cdn and records[0]['proxied']:
                        data = self._data_for_cdn(name, _type, records)

                    else:
                        # Cloudflare supports ALIAS semantics with root CNAMEs
                        if _type == 'CNAME' and name == '':
                            _type = 'ALIAS'

                        data_for = getattr(self, '_data_for_{}'.format(_type))
                        data = data_for(_type, records)

                    data_for = getattr(self, '_data_for_{}'.format(_type))
                    data = data_for(_type, records)
                    record = Record.new(zone, name, data, source=self,
                                        lenient=lenient)
                    zone.add_record(record)
@ -250,6 +276,12 @@ class CloudflareProvider(BaseProvider):
        if _type == 'ALIAS':
            _type = 'CNAME'

        # If this is a record to enable to Cloudflare CDN don't update as we
        # don't know the original values.
        if (self.cdn and _type == 'CNAME' and
           record.value.endswith('.cdn.cloudflare.net.')):
            raise StopIteration

        contents_for = getattr(self, '_contents_for_{}'.format(_type))
        for content in contents_for(record):
            content.update({
--- a/tests/test_octodns_provider_cloudflare.py
+++ b/tests/test_octodns_provider_cloudflare.py
@ -484,3 +484,120 @@ class TestCloudflareProvider(TestCase):
            'ttl': 300,
            'type': 'CNAME'
        }, list(contents)[0])

    def test_cdn(self):
        provider = CloudflareProvider('test', 'email', 'token', True)

        # A CNAME for us to transform to ALIAS
        provider.zone_records = Mock(return_value=[
            {
                "id": "fc12ab34cd5611334422ab3322997642",
                "type": "CNAME",
                "name": "cname.unit.tests",
                "content": "www.unit.tests",
                "proxiable": True,
                "proxied": True,
                "ttl": 300,
                "locked": False,
                "zone_id": "ff12ab34cd5611334422ab3322997650",
                "zone_name": "unit.tests",
                "modified_on": "2017-03-11T18:01:43.420689Z",
                "created_on": "2017-03-11T18:01:43.420689Z",
                "meta": {
                    "auto_added": False
                }
            },
            {
                "id": "fc12ab34cd5611334422ab3322997642",
                "type": "A",
                "name": "a.unit.tests",
                "content": "1.1.1.1",
                "proxiable": True,
                "proxied": True,
                "ttl": 300,
                "locked": False,
                "zone_id": "ff12ab34cd5611334422ab3322997650",
                "zone_name": "unit.tests",
                "modified_on": "2017-03-11T18:01:43.420689Z",
                "created_on": "2017-03-11T18:01:43.420689Z",
                "meta": {
                    "auto_added": False
                }
            },
            {
                "id": "fc12ab34cd5611334422ab3322997642",
                "type": "A",
                "name": "a.unit.tests",
                "content": "1.1.1.2",
                "proxiable": True,
                "proxied": True,
                "ttl": 300,
                "locked": False,
                "zone_id": "ff12ab34cd5611334422ab3322997650",
                "zone_name": "unit.tests",
                "modified_on": "2017-03-11T18:01:43.420689Z",
                "created_on": "2017-03-11T18:01:43.420689Z",
                "meta": {
                    "auto_added": False
                }
            },
        ])

        zone = Zone('unit.tests.', [])
        provider.populate(zone)

        # the two A records get merged into one CNAME record poining to the CDN
        self.assertEquals(2, len(zone.records))

        record = list(zone.records)[0]
        self.assertEquals('cname', record.name)
        self.assertEquals('cname.unit.tests.', record.fqdn)
        self.assertEquals('CNAME', record._type)
        self.assertEquals('cname.unit.tests.cdn.cloudflare.net.', record.value)

        record = list(zone.records)[1]
        self.assertEquals('a', record.name)
        self.assertEquals('a.unit.tests.', record.fqdn)
        self.assertEquals('CNAME', record._type)
        self.assertEquals('a.unit.tests.cdn.cloudflare.net.', record.value)

        # CDN enabled records can't be updated, we don't know the real values
        contents = provider._gen_contents(record)
        self.assertEquals(0, len(list(contents)))

    def test_cdn_alias(self):
        provider = CloudflareProvider('test', 'email', 'token', True)

        # A CNAME for us to transform to ALIAS
        provider.zone_records = Mock(return_value=[
            {
                "id": "fc12ab34cd5611334422ab3322997642",
                "type": "CNAME",
                "name": "unit.tests",
                "content": "www.unit.tests",
                "proxiable": True,
                "proxied": True,
                "ttl": 300,
                "locked": False,
                "zone_id": "ff12ab34cd5611334422ab3322997650",
                "zone_name": "unit.tests",
                "modified_on": "2017-03-11T18:01:43.420689Z",
                "created_on": "2017-03-11T18:01:43.420689Z",
                "meta": {
                    "auto_added": False
                }
            },
        ])

        zone = Zone('unit.tests.', [])
        provider.populate(zone)
        self.assertEquals(1, len(zone.records))
        record = list(zone.records)[0]
        self.assertEquals('', record.name)
        self.assertEquals('unit.tests.', record.fqdn)
        self.assertEquals('ALIAS', record._type)
        self.assertEquals('unit.tests.cdn.cloudflare.net.', record.value)

        # CDN enabled records can't be updated, we don't know the real values
        contents = provider._gen_contents(record)
        self.assertEquals(0, len(list(contents)))