Skip to content

Commit

Permalink
addr fb: fix type; check if the result from listresourcerecordset is …
Browse files Browse the repository at this point in the history
…exactly the alias (it could be a record >= alias otherwise)
  • Loading branch information
Lou1415926 committed Nov 24, 2021
1 parent 31ea498 commit 886d523
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions cf-custom-resources/lib/nlb-cert-validator-updater.js
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ const rootHostedZoneIDContext = () => {
};
}

let hostecZoneID = {
let hostedZoneID = {
app: appHostedZoneIDContext(),
root: rootHostedZoneIDContext(),
}
Expand Down Expand Up @@ -239,11 +239,13 @@ async function validateAliases(aliases, loadBalancerDNS) {
if (!recordSet || recordSet.length === 0) {
return;
}
if (recordSet[0].Name !== alias) {
return;
}
let aliasTarget = recordSet[0].AliasTarget;
if (aliasTarget && aliasTarget.DNSName === `${loadBalancerDNS}.`) {
return; // The record is an alias record and is in use by myself, hence valid.
}

if (aliasTarget) {
throw new Error(`Alias ${alias} is already in use by ${aliasTarget.DNSName}. This could be another load balancer of a different service.`);
}
Expand Down Expand Up @@ -432,14 +434,14 @@ async function domainResources (alias) {
return {
domain: domainTypes.AppDomainZone.domain,
route53Client: clients.app.route53(),
hostedZoneID: await hostecZoneID.app(),
hostedZoneID: await hostedZoneID.app(),
};
}
if (domainTypes.RootDomainZone.regex.test(alias)) {
return {
domain: domainTypes.RootDomainZone.domain,
route53Client: clients.root.route53(),
hostedZoneID: await hostecZoneID.root(),
hostedZoneID: await hostedZoneID.root(),
};
}
throw new Error(`unrecognized domain type for ${alias}`);
Expand Down

0 comments on commit 886d523

Please sign in to comment.