DNS: run separate CoreDNS instance for each PCloud env. Previously shared CoreDNS instance was used to handle all domains. This has multiple downsides, most important which is security. For example DNS-Sec keys of all domains were persisted on the same shared volume. Also key itself was generated by PCloud env-manager as part of bootstrapping new env. Which is counter to the main aspirations of PCloud, that environment internal private data must not leak outside of the environment. With new approach implemented in this change, environment starts up it’s own CoreDNS and DNS record manager servers. Manager generates dns-sec keys internally and only exposes public information to the outside world. PCloud infrastructure runes another instance of CoreDNS which acts as a proxy service forwarding requests to individual environments based an requested domain. This simplifies DNS based TLS challenge solvers, as private certificate issuer of each env will point directly to the DNS record manager of the same environment. Change-Id: Ifb0f36d2a133e3b53da22030cc7d6b9099136b3d

commit: e72b54f819a38afc6656b99010370d6f3d51c38e [log] [tgz]
author: gio <gio@v1.dodo.cloud> Mon Apr 22 10:44:41 2024 +0400
committer: gio <gio@v1.dodo.cloud> Tue Apr 30 16:15:43 2024 +0400
tree: 3da4dec10618aca7403f423005ba31ed8c3fae04
parent: 56f86a481e4ac0be5548c8337ea85c1af0561462 [diff] [blame]
diff --git a/core/installer/go.mod b/core/installer/go.mod
index 8e173f2..bf6e083 100644
--- a/core/installer/go.mod
+++ b/core/installer/go.mod

@@ -11,7 +11,6 @@
 	github.com/Masterminds/sprig/v3 v3.2.3
 	github.com/cenkalti/backoff/v4 v4.3.0
 	github.com/charmbracelet/keygen v0.5.0
-	github.com/giolekva/pcloud/core/ns-controller v0.0.0-20240403111418-e9c05499ec80
 	github.com/go-git/go-billy/v5 v5.5.0
 	github.com/go-git/go-git/v5 v5.12.0
 	github.com/gomarkdown/markdown v0.0.0-20240328165702-4d01890c35c0
@@ -119,11 +118,14 @@
 	github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
+	github.com/onsi/ginkgo/v2 v2.14.0 // indirect
+	github.com/onsi/gomega v1.30.0 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.1.0 // indirect
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
 	github.com/pjbgf/sha1cd v0.3.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_golang v1.19.0 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.52.2 // indirect
@@ -178,7 +180,6 @@
 	k8s.io/kubectl v0.29.3 // indirect
 	k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect
 	oras.land/oras-go v1.2.5 // indirect
-	sigs.k8s.io/controller-runtime v0.17.2 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/kustomize/api v0.16.0 // indirect
 	sigs.k8s.io/kustomize/kyaml v0.16.0 // indirect
commit	e72b54f819a38afc6656b99010370d6f3d51c38e	[log] [tgz]
author	gio <gio@v1.dodo.cloud>	Mon Apr 22 10:44:41 2024 +0400
committer	gio <gio@v1.dodo.cloud>	Tue Apr 30 16:15:43 2024 +0400
tree	3da4dec10618aca7403f423005ba31ed8c3fae04
parent	56f86a481e4ac0be5548c8337ea85c1af0561462 [diff] [blame]