coredns/plugin/etcd/setup.go

package etcd

import (
	"crypto/tls"
	"errors"
	"path/filepath"
	"strconv"
	"strings"
	"time"

	"github.com/coredns/caddy"
	"github.com/coredns/coredns/core/dnsserver"
	"github.com/coredns/coredns/plugin"
	mwtls "github.com/coredns/coredns/plugin/pkg/tls"
	"github.com/coredns/coredns/plugin/pkg/upstream"

	etcdcv3 "go.etcd.io/etcd/client/v3"
)

func init() { plugin.Register("etcd", setup) }

func setup(c *caddy.Controller) error {
	e, err := etcdParse(c)
	if err != nil {
		return plugin.Error("etcd", err)
	}

	c.OnShutdown(e.OnShutdown)

	dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler {
		e.Next = next
		return e
	})

	return nil
}

func etcdParse(c *caddy.Controller) (*Etcd, error) {
	config := dnsserver.GetConfig(c)
	etc := Etcd{
		PathPrefix:  "skydns",
		MinLeaseTTL: defaultLeaseMinTTL,
		MaxLeaseTTL: defaultLeaseMaxTTL,
	}
	var (
		tlsConfig *tls.Config
		err       error
		endpoints = []string{defaultEndpoint}
		username  string
		password  string
	)

	etc.Upstream = upstream.New()

	if c.Next() {
		etc.Zones = plugin.OriginsFromArgsOrServerBlock(c.RemainingArgs(), c.ServerBlockKeys)
		for c.NextBlock() {
			switch c.Val() {
			case "stubzones":
				// ignored, remove later.
			case "fallthrough":
				etc.Fall.SetZonesFromArgs(c.RemainingArgs())
			case "debug":
				/* it is a noop now */
			case "path":
				if !c.NextArg() {
					return &Etcd{}, c.ArgErr()
				}
				etc.PathPrefix = c.Val()
			case "endpoint":
				args := c.RemainingArgs()
				if len(args) == 0 {
					return &Etcd{}, c.ArgErr()
				}
				endpoints = args
			case "upstream":
				// remove soon
				c.RemainingArgs()
			case "tls": // cert key cacertfile
				args := c.RemainingArgs()
				for i := range args {
					if !filepath.IsAbs(args[i]) && config.Root != "" {
						args[i] = filepath.Join(config.Root, args[i])
					}
				}
				tlsConfig, err = mwtls.NewTLSConfigFromArgs(args...)
				if err != nil {
					return &Etcd{}, err
				}
			case "credentials":
				args := c.RemainingArgs()
				if len(args) == 0 {
					return &Etcd{}, c.ArgErr()
				}
				if len(args) != 2 {
					return &Etcd{}, c.Errf("credentials requires 2 arguments, username and password")
				}
				username, password = args[0], args[1]
			case "min-lease-ttl":
				if !c.NextArg() {
					return &Etcd{}, c.ArgErr()
				}
				minLeaseTTL, err := parseTTL(c.Val())
				if err != nil {
					return &Etcd{}, c.Errf("invalid min-lease-ttl value: %v", err)
				}
				etc.MinLeaseTTL = minLeaseTTL
			case "max-lease-ttl":
				if !c.NextArg() {
					return &Etcd{}, c.ArgErr()
				}
				maxLeaseTTL, err := parseTTL(c.Val())
				if err != nil {
					return &Etcd{}, c.Errf("invalid max-lease-ttl value: %v", err)
				}
				etc.MaxLeaseTTL = maxLeaseTTL
			default:
				if c.Val() != "}" {
					return &Etcd{}, c.Errf("unknown property '%s'", c.Val())
				}
			}
		}
		client, err := newEtcdClient(endpoints, tlsConfig, username, password)
		if err != nil {
			return &Etcd{}, err
		}
		etc.Client = client
		etc.endpoints = endpoints

		return &etc, nil
	}
	return &Etcd{}, nil
}

func newEtcdClient(endpoints []string, cc *tls.Config, username, password string) (*etcdcv3.Client, error) {
	etcdCfg := etcdcv3.Config{
		Endpoints:         endpoints,
		TLS:               cc,
		DialKeepAliveTime: etcdTimeout,
	}
	if username != "" && password != "" {
		etcdCfg.Username = username
		etcdCfg.Password = password
	}
	cli, err := etcdcv3.New(etcdCfg)
	if err != nil {
		return nil, err
	}
	return cli, nil
}

const defaultEndpoint = "http://localhost:2379"

// parseTTL parses a TTL value with flexible time units using Go's standard duration parsing.
// Supports formats like: "30", "30s", "5m", "1h", "90s", "2h30m", etc.
func parseTTL(s string) (uint32, error) {
	s = strings.TrimSpace(s)
	if s == "" {
		return 0, nil
	}

	// Handle plain numbers (assume seconds)
	if _, err := strconv.ParseUint(s, 10, 64); err == nil {
		// If it's just a number, append "s" for seconds
		s += "s"
	}

	// Use Go's standard time.ParseDuration for robust parsing
	duration, err := time.ParseDuration(s)
	if err != nil {
		return 0, errors.New("invalid TTL format, use format like '30', '30s', '5m', '1h', or '2h30m'")
	}

	// Convert to seconds and check bounds
	seconds := duration.Seconds()
	if seconds < 0 {
		return 0, errors.New("TTL must be non-negative")
	}
	if seconds > 4294967295 { // uint32 max value
		return 0, errors.New("TTL too large, maximum is 4294967295 seconds")
	}

	return uint32(seconds), nil
}