Allow ZoneIDFilter for Cloudflare

[james-callahan]

This PR is a rebased and cleaned up #1307

This commit should help #1127. While users in the past were able to
define ZoneIDFilter for this provider, it did not actually do anything
under the hood.

In this case, we're changing Zones() to iterate over the provided
zoneIDs and return only those zones.

I would have also done this for domainFilter, but unfortunately the
CloudFlare API requires that in order to list zones (and find them by
name) that you have "all" permissions, which seems silly. After talking
to their support, this is probably the best way to do this.

[k8s-ci-robot]

Welcome @james-callahan!

It looks like this is your first PR to kubernetes-sigs/external-dns 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/external-dns has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[james-callahan]

/assign @hjacobs

[drGrove]

Here's an image with the changes. i built it as I needed it for a project and it works as intended: https://hub.docker.com/layers/drgrove/external-dns/0.7.1_dev1/images/sha256-27b1618cb574ec6a3a79cec4ba4e909c2b1d0c75f399851f1092bdaa54abc334?context=repo

[james-callahan]

CI failure seems unrelated:

$ make lint
golangci-lint run --timeout=5m ./...
provider/coredns.go:33: File is not `goimports`-ed (goimports)
	etcdcv3 "go.etcd.io/etcd/clientv3"
Makefile:34: recipe for target 'lint' failed
make: *** [lint] Error 1
The command "make lint" exited with 2.

[njuettner]

Thanks, can you please rebase from master again, should be fixed now 👍.

[njuettner]

Added some comments, PTAL.

[njuettner]

I don't think this is needed, the code already explains it so I would drop the comments

[james-callahan]

(note: I didn't write this: the author of #1307 did):

The following line that notes that empty strings are used by tests is informative.

[njuettner]

Ah I see my bad, I would still like to drop those lines. Maybe only keep the second ... blank string for unit tests ...

[njuettner]

Maybe you could add a new method ZoneDetailsByDomainFilter which includes your code.

[njuettner]

or ListZonesByIDFilter

[james-callahan]

I tried to split this off (and create functions that each returned iterators) but my minimal knowledge of Go wasn't enough to get things working.

Splitting off just the contents of this branch didn't seem to improve readability.

[njuettner]

Just to understand it a bit better, this is dropped because it's not working?

[james-callahan]

Dropped because if there was any zoneIDFilter then the above branch would be taken and this code is unreachable.

[sheerun]

Cheering for this to be merged. Right now I need to issue access token that has access to read all zones

[k8s-ci-robot]

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.

---

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If you signed the CLA as a corporation, please sign in with your organization's credentials at https://identity.linuxfoundation.org/projects/cncf to be authorized.
• If you have done the above and are still having issues with the CLA being reported as unsigned, please log a ticket with the Linux Foundation Helpdesk: https://support.linuxfoundation.org/
• Should you encounter any issues with the Linux Foundation Helpdesk, send a message to the backup e-mail support address at: login-issues@jira.linuxfoundation.org

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[james-callahan]

/assign @sheerun

[sheerun]

@james-callahan Please sign CLA

[sheerun]

Or is it @dmizelle that haven't signed?

[james-callahan]

cla check passed: it is dmizelle's code.

[sheerun]

I need to consult kubernetes team what to do in cases like this...

[sheerun]

Two things smell bad here:

• There's no need to define ZoneDetails on interface
• If some zoneId doesn't exist, none are processed, instead it should be skipped with error message

[james-callahan]

• There's no need to define ZoneDetails on interface

Why not?

• If some zoneId doesn't exist, none are processed, instead it should be skipped with error message

Fixed.

[sheerun]

I thought that ZoneList supports multiple domains, but it's probably not the case: https://community.cloudflare.com/t/bug-zone-detail-by-name-requires-zone-list-permission/128042/15

[sheerun]

/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: james-callahan, sheerun

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• provider/cloudflare/OWNERS [sheerun]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[sheerun]

/lgtm