Skip to content

Commit

Permalink
addr fb: fix type; check if the result from listresourcerecordset is …
Browse files Browse the repository at this point in the history
…exactly the alias (it could be a record >= alias otherwise)
  • Loading branch information
Lou1415926 committed Nov 24, 2021
1 parent 31ea498 commit 1ae696f
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 5 deletions.
10 changes: 6 additions & 4 deletions cf-custom-resources/lib/nlb-cert-validator-updater.js
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ const rootHostedZoneIDContext = () => {
};
}

let hostecZoneID = {
let hostedZoneID = {
app: appHostedZoneIDContext(),
root: rootHostedZoneIDContext(),
}
Expand Down Expand Up @@ -239,11 +239,13 @@ async function validateAliases(aliases, loadBalancerDNS) {
if (!recordSet || recordSet.length === 0) {
return;
}
if (recordSet[0].Name !== alias) {
return;
}
let aliasTarget = recordSet[0].AliasTarget;
if (aliasTarget && aliasTarget.DNSName === `${loadBalancerDNS}.`) {
return; // The record is an alias record and is in use by myself, hence valid.
}

if (aliasTarget) {
throw new Error(`Alias ${alias} is already in use by ${aliasTarget.DNSName}. This could be another load balancer of a different service.`);
}
Expand Down Expand Up @@ -432,14 +434,14 @@ async function domainResources (alias) {
return {
domain: domainTypes.AppDomainZone.domain,
route53Client: clients.app.route53(),
hostedZoneID: await hostecZoneID.app(),
hostedZoneID: await hostedZoneID.app(),
};
}
if (domainTypes.RootDomainZone.regex.test(alias)) {
return {
domain: domainTypes.RootDomainZone.domain,
route53Client: clients.root.route53(),
hostedZoneID: await hostecZoneID.root(),
hostedZoneID: await hostedZoneID.root(),
};
}
throw new Error(`unrecognized domain type for ${alias}`);
Expand Down
3 changes: 2 additions & 1 deletion cf-custom-resources/test/nlb-cert-validator-updater-test.js
Original file line number Diff line number Diff line change
Expand Up @@ -248,7 +248,8 @@ describe("DNS Certificate Validation And Custom Domains for NLB", () => {
"ResourceRecordSets": [{
"AliasTarget": {
"DNSName": "other-lb-DNS",
}
},
Name: "dash-test.mockDomain.com",
}]
});
AWS.mock("Route53", "listHostedZonesByName", mockListHostedZonesByName);
Expand Down

0 comments on commit 1ae696f

Please sign in to comment.