Merge pull request #94 from octodns/healthcheck-protocol-supports

validate healthcheck protocols, throw supports exception if not supported
octodns · Jun 20, 2024 · 2b53c53 · 2b53c53
2 parents 6fe04f0 + ce6df3a
commit 2b53c53
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,7 @@
 ## v0.0.? - 2024-??-?? - 
 
 * Fix CAA rdata parsing to allow values with tags
+* Validate that healthcheck protocol is supported (HTTP, HTTPS, TCP)
 
 ## v0.0.7 - 2024-04-11 - Helps if you use the actual Session token
 

diff --git a/octodns_route53/provider.py b/octodns_route53/provider.py
@@ -12,7 +12,7 @@
 from pycountry_convert import country_alpha2_to_continent_code
 
 from octodns.equality import EqualityTupleMixin
-from octodns.provider import ProviderException
+from octodns.provider import ProviderException, SupportsException
 from octodns.provider.base import BaseProvider
 from octodns.record import Create, Record, Update
 from octodns.record.geo import GeoCodes
@@ -1170,6 +1170,12 @@ def _data_for_route53_alias(self, rrsets, zone_name):
     def _process_desired_zone(self, desired):
         for record in desired.records:
             if getattr(record, 'dynamic', False):
+                protocol = record.healthcheck_protocol
+                if protocol not in ('HTTP', 'HTTPS', 'TCP'):
+                    msg = f'healthcheck protocol "{protocol}" not supported'
+                    # no workable fallbacks so straight error
+                    raise SupportsException(f'{self.id}: {msg}')
+
                 # Make a copy of the record in case we have to muck with it
                 dynamic = record.dynamic
                 rules = []

diff --git a/tests/test_octodns_provider_route53.py b/tests/test_octodns_provider_route53.py
@@ -8,6 +8,7 @@
 from botocore.exceptions import ClientError
 from botocore.stub import ANY, Stubber
 
+from octodns.provider import SupportsException
 from octodns.record import Create, Delete, Record, Update
 from octodns.zone import Zone
 
@@ -842,6 +843,37 @@ def test_process_desired_zone(self, fetch_metadata_token_mock):
         )
         self.assertFalse('geos' in dynamic.dynamic.rules[1].data)
 
+        # unsupported healthcheck protocol
+        desired = Zone('unit.tests.', [])
+        record = Record.new(
+            desired,
+            'a',
+            {
+                'ttl': 30,
+                'type': 'A',
+                'value': '1.2.3.4',
+                'dynamic': {
+                    'pools': {
+                        'one': {'values': [{'value': '1.2.3.4'}]},
+                        'two': {'values': [{'value': '2.2.3.4'}]},
+                    },
+                    'rules': [
+                        {'geos': ['EU', 'NA-CA-NB', 'NA-US-OR'], 'pool': 'two'},
+                        {'pool': 'one'},
+                    ],
+                },
+                'octodns': {'healthcheck': {'protocol': 'ICMP'}},
+            },
+            lenient=True,
+        )
+        desired.add_record(record)
+        with self.assertRaises(SupportsException) as ctx:
+            provider._process_desired_zone(desired)
+        self.assertEqual(
+            'test: healthcheck protocol "ICMP" not supported',
+            str(ctx.exception),
+        )
+
     # with fallback boto makes an unstubbed call to the 169. metadata api, this
     # stubs that bit out
     @patch('botocore.credentials.CredentialResolver.load_credentials')