diff --git a/integration-tests/load-signed-apex-cname/example.test.zone b/integration-tests/load-signed-apex-cname/example.test.zone new file mode 100644 index 00000000..c89d9040 --- /dev/null +++ b/integration-tests/load-signed-apex-cname/example.test.zone @@ -0,0 +1,14 @@ +example.test. 5 IN SOA ns1.example.test. mail.example.test. 2026033000 60 60 3600 5 +example.test. 5 IN NS example.test. +example.test. 5 IN NS ns1.example.test. +example.test. 3600 IN RRSIG DNSKEY 13 2 3600 20260413114923 20260329114923 45183 example.test. V7x/78Nnl5CE638nclvTbEpZkHXG10YQ/8ZeM6rQPbboQ8qKkw6hiB61 gG/qK3DPcDVSgAQoy/Q+jCzdA26+/A== +example.test. 5 IN RRSIG NSEC 13 2 5 20260413114923 20260329114923 58227 example.test. ijvwb5F9cTLQGyRn+qMaAhaumYolU47CZOsLLmL0BZpRWtj3ACG7zfmQ yEY9ZqzbLw5TkzR0DxvnNbEugR93mg== +example.test. 5 IN RRSIG SOA 13 2 5 20260413114923 20260329114923 58227 example.test. zKi74SYUJ9wppn5NAllR3iIUwBuMFEYucyX5RQp0ym+CUdm39b6l8zeW 47EdX6ObU1HGVdMGqlN2+8Gv9Rks4g== +example.test. 5 IN RRSIG NS 13 2 5 20260413114923 20260329114923 58227 example.test. DsiNh0onbIOYxxt7Ue3ypgV5RR5JQ05WC/r+bd2aImQz7iRgb/dIUXgv VTXOzMNasO2iSFKi6e8q82uS8PqlCQ== +example.test. 3600 IN DNSKEY 257 3 13 iKHfcKwR2R+o+qtzK06SvmD8nWuJwvS3dJQHD7I/r3R6dj+0lrB889V0 0X0m6s74g0g1je2gBB9jc6W5ETgi2Q== +example.test. 3600 IN DNSKEY 256 3 13 z//8PEhbP9uJMaWIGqLcjfv5V+67VUFBZpTTVnQAmBn+V8Ln9ADzAhLk 6oBTfIZLpLOXMuP9Sfv+hXZqGjFWEw== +example.test. 5 IN NSEC cname.example.test. NS SOA RRSIG NSEC DNSKEY +cname.example.test. 5 IN RRSIG NSEC 13 3 5 20260413114923 20260329114923 58227 example.test. N6K4dyRAig3Pmm4vublYQbs6uIYcBl9iQ6TKlyH8C5Z0viEwcQ9nwe7m 1oN+ki2ESE0UrJQL5RIXeftAH8ylMA== +cname.example.test. 5 IN RRSIG CNAME 13 3 5 20260413114923 20260329114923 58227 example.test. moIDfx3j1INEaIeaBYXY5TMJ+x9h7fVh3vgA3Y7vXhxKFwTLeQwP6PK5 cRJHMU3qyP6sRABPYMLxjCefFccYDw== +cname.example.test. 5 IN CNAME nlnetlabs.nl. +cname.example.test. 5 IN NSEC example.test. CNAME RRSIG NSEC diff --git a/integration-tests/system-tests.yml b/integration-tests/system-tests.yml index 03e2e710..da828c32 100644 --- a/integration-tests/system-tests.yml +++ b/integration-tests/system-tests.yml @@ -258,3 +258,18 @@ jobs: - uses: ./integration-tests/tests/all-rr-types with: log-level: ${{ inputs.log-level }} + + load-signed-apex-cname: + name: Load a zonefile containing a signed apex CNAME + runs-on: ubuntu-latest + strategy: + matrix: + rust: [stable] + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/set-build-profile + with: + build-profile: ${{ inputs.build-profile }} + - uses: ./integration-tests/tests/load-signed-apex-cname + with: + log-level: ${{ inputs.log-level }} diff --git a/integration-tests/tests/load-signed-apex-cname/action.yml b/integration-tests/tests/load-signed-apex-cname/action.yml new file mode 100644 index 00000000..e55a1eb9 --- /dev/null +++ b/integration-tests/tests/load-signed-apex-cname/action.yml @@ -0,0 +1,50 @@ +# Making reusable composite actions documented at +# https://docs.github.com/en/actions/tutorials/create-actions/create-a-composite-action#creating-a-composite-action-within-the-same-repository +name: 'Load a zonefile containing a signed apex CNAME' +description: 'Load a zonefile containing a signed apex CNAME' +defaults: + # see: https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#defaultsrunshell + run: + shell: bash --noprofile --norc -eo pipefail -x {0} +inputs: + log-level: + description: The level of logging that Cascade should output. + required: false + default: debug + type: choice + options: + - error + - warning + - info + - debug + - trace +runs: + using: "composite" + steps: + #- uses: ./.github/actions/prepare-systest-env + - uses: ./.github/actions/setup-and-start-cascade + with: + log-level: ${{ inputs.log-level }} + + - name: Add the zone + run: | + INTEGRATION_TEST_DIR="${PWD}/integration-tests/load-signed-apex-cname" + cp "${INTEGRATION_TEST_DIR}/example.test.zone" /tmp/ + cascade zone add --policy default --source /tmp/example.test.zone example.test + + - name: Wait for zone to be published + run: | + timeout=10 # seconds + start=$(date +%s) + until cascade zone status example.test | grep -q "Published version"; do + if (($(date +%s) > (start + timeout))); then + cascade zone status example.test + echo "timeout: zone status did not report published zone available" >&2 + exit 1 + fi + sleep 1 + done + + - name: Print log files on any failure in this job + uses: ./.github/actions/print-logfiles + if: failure()