feat: support public dns attributes (#3618)

* feat: support public dns attributes

* fix: format

* feat: Add public DNS zone type definition with logging and DNSSEC configuration, and integrate it into the schema by replacing the forwarding zone property and updating mutual exclusivity rules.

* doc: update README.md

* feat: support public dns attributes

* fix: format

* feat: Add public DNS zone type definition with logging and DNSSEC configuration, and integrate it into the schema by replacing the forwarding zone property and updating mutual exclusivity rules.

* doc: update README.md

* feat: Add forwarding DNS zone schema to networking stage.

---------

Co-authored-by: Julio Castillo <jccb@google.com>
Eric Zhao
2026-01-07 22:14:29 +10:00
committed by GitHub
parent ef027ad5b5
commit d2aac2c743
3 changed files with 89 additions and 2 deletions


@@ -189,7 +189,7 @@ VPCs are defined in `.config.yaml` files within the `vpcs/[vpc-name]` directory
### DNS
The DNS factory manages Cloud DNS zones and Response Policy Rules. DNS zones are by default defined within the `dns/zones` directory of your chosen dataset. The factory supports private, peering, and forwarding zones.
The DNS factory manages Cloud DNS zones and Response Policy Rules. DNS zones are by default defined within the `dns/zones` directory of your chosen dataset. The factory supports public, private, peering, and forwarding zones.
In the default dataset, DNS is centralized in the `net-core-0` (hub) project. It hosts:


@@ -63,7 +63,15 @@ locals {
client_networks = zone_config.forwarding.client_networks
}
}
: {}
: {},
contains(keys(try(zone_config, {})), "public")
? {
public = {
enable_logging = try(zone_config.public.enable_logging, false),
dnssec_config = try(zone_config.public.dnssec_config, {})
}
}
: {},
)
}
)
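Review bot: A zone that declares `public` with no sub-keys gets `enable_logging = false` and an empty `dnssec_config` from the two `try()` defaults, so an Internet-facing zone ends up with query logging off and, presumably, DNSSEC left unconfigured unless the author opts in (the consuming module is not visible here). If that default is intended, it deserves a comment above the `public = {` line, for example `# defaults: query logging off, no DNSSEC settings; set both explicitly where required`. The same `try()` calls also hide a malformed `public` value (a scalar instead of a map falls through to the defaults), which is only caught if the JSON schema is enforced before this local is evaluated. The enclosing `locals` expression starts outside the hunk.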


@@ -35,6 +35,9 @@
},
"forwarding": {
"$ref": "#/$defs/forwarding_zone"
},
"public": {
"$ref": "#/$defs/public_zone"
}
},
"required": [
@@ -52,6 +55,9 @@
},
"forwarding": {
"not": {}
},
"public": {
"not": {}
}
}
},
@@ -66,6 +72,9 @@
},
"forwarding": {
"not": {}
},
"public": {
"not": {}
}
}
},
@@ -80,6 +89,26 @@
},
"peering": {
"not": {}
},
"public": {
"not": {}
}
}
},
{
"title": "Public Zone",
"required": [
"public"
],
"properties": {
"private": {
"not": {}
},
"peering": {
"not": {}
},
"forwarding": {
"not": {}
}
}
}
@@ -178,6 +207,56 @@
"required": [
"client_networks"
]
},
"public_zone": {
"description": "Public zone specific configuration.",
"type": "object",
"additionalProperties": false,
"properties": {
"enable_logging": {
"type": "boolean"
},
"dnssec_config": {
"type": "object",
"additionalProperties": false,
"properties": {
"state": {
"type": "string"
},
"non_existence": {
"type": "string",
"enum": [
"nsec",
"nsec3"
]
},
"key_signing_key": {
"type": "object",
"additionalProperties": false,
"properties": {
"algorithm": {
"type": "string"
},
"key_length": {
"type": "number"
}
}
},
"zone_signing_key": {
"type": "object",
"additionalProperties": false,
"properties": {
"algorithm": {
"type": "string"
},
"key_length": {
"type": "number"
}
}
}
}
}
}
}
}
}
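Review bot: In the new `public_zone` definition, `dnssec_config.state` and both `algorithm` fields accept any string, and both `key_length` fields are typed `number`, so a typo or a fractional key size passes validation and only fails at apply time. `non_existence` is already an enum in the same block; `state` could follow it with `"enum": ["on", "off", "transfer"]` (the values the Cloud DNS provider documents; confirm against the provider version in use), and `key_length` should be `"type": "integer"`. An enum on `algorithm` would also let the schema keep legacy choices such as `rsasha1` out of public zones by policy. The "Public Zone" branch added in the `@@ -80,6 +89,26 @@` hunk depends on this definition for all of its validation, since it only requires the `public` key to be present.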