mirror of https://code.forgejo.org/actions/ovh-dns-update synced 2025-12-16 05:17:20 +01:00

No description

Find a file

Renovate Bot af3adefc77 Update module github.com/ovh/go-ovh to v1.8.0 (#29 ) Reviewed-on: https://code.forgejo.org/forgejo/ovh-dns-update/pulls/29 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Renovate Bot <bot@kriese.eu> Co-committed-by: Renovate Bot <bot@kriese.eu>		2025-06-17 06:26:56 +00:00
.forgejo/workflows	Update actions/setup-go action to v5	2024-12-04 11:02:22 +00:00
LICENSES	initial commit	2023-08-18 11:40:26 +02:00
action.yml	add README	2023-08-20 20:30:48 +02:00
go.mod	Update module github.com/ovh/go-ovh to v1.8.0 (#29 )	2025-06-17 06:26:56 +00:00
go.sum	Update module github.com/ovh/go-ovh to v1.8.0 (#29 )	2025-06-17 06:26:56 +00:00
go.sum.license	initial commit	2023-08-18 11:40:26 +02:00
main.go	add logs (#3 )	2023-09-20 12:37:11 +00:00
main_test.go	add PR testing (#1 )	2023-08-20 06:44:27 +00:00
README.md	chore(docs): detailed instructions to obtain the OVH credentials	2024-12-04 12:11:13 +01:00
renovate.json	chore(renovate): configure	2024-12-04 10:22:00 +01:00

README.md

OVH DNS Update

Description

Update a given DNS record using the OVH API.

NOTE: This action is written in Go. Please setup the Go environment before running this action or use a runner with Go environment installed.

Inputs

parameter	description	required	default
subdomain	The subdomain to update (e.g. _release)	`true`
domain	The domain (zoneName in the OVH API)	`true`
record-id	The ID of the record to update	`true`
value	The TXT value to set	`true`
ovh-endpoint	The OVH API endpoint	`false`	`ovh-eu`
ovh-app-key	The OVH API Application Key	`true`
ovh-app-secret	The OVH API Application Secret	`true`
ovh-consumer-key	The OVH API Consumer Key	`true`

Create the OVH credentials and information

https://api.ovh.com/console/#/domain/zone/%7BzoneName%7D/record~GET
Authenticate
Set zoneName (e.g forgejo.org)
Set fieldType to TXT
Set subDomain (e.g. release)
Click EXECUTE
The content of RESPONSE is the record-id (e.g. 5283602601)
Visit https://www.ovh.com/auth/api/createToken?PUT=/domain/zone/{domain}/record/{record-id} (e.g. https://www.ovh.com/auth/api/createToken?PUT=/domain/zone/forgejo.org/record/5283602601)
Click create
Application key is ovh-app-key
Application secret is ovh-app-secret
Consumer Key is ovh-consumer-key

Security notice

However be aware that the credentials can also update the subdmain! This means that anyone with this credentials can publish a TXT record under any subdomain of the domain (for instance to get a signed certificate by completing the DNS challenge of the ACME protocol).

To mitigate this issue, a dedicated domain can be used with only TXT records (and CNAME records on the main domain, which points to those TXT records).

Example

on: [tag]
jobs:
  upload-release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: https://code.forgejo.org/actions/setup-go@v4
        with:
          go-version: ">=1.21"
          check-latest: true
      - uses: https://code.forgejo.org/forgejo/ovh-dns-update@v1.0.1
        with:
          subdomain: _release
          domain: example.org
          record-id: 12345
          value: v=${{ github.ref_name }}
          ovh-app-key: ${{ secrets.OVH_APP_KEY }}
          ovh-app-secret: ${{ secrets.OVH_APP_SECRET }}
          ovh-consumer-key: ${{ secrets.OVH_CON_KEY }}

Legacy

It was originally developed for use in the Release Version Check Over DNS (RVCoDNS).