gophercloud
diff --git a/‎internal/acceptance/openstack/dns/v2/dns.go‎
Lines changed: 46 additions & 0 deletions b/‎internal/acceptance/openstack/dns/v2/dns.go‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎internal/acceptance/openstack/dns/v2/tsigkeys_test.go‎
Lines changed: 56 additions & 0 deletions b/‎internal/acceptance/openstack/dns/v2/tsigkeys_test.go‎
Lines changed: 56 additions & 0 deletions
diff --git a/‎openstack/dns/v2/tsigkeys/doc.go‎
Lines changed: 72 additions & 0 deletions b/‎openstack/dns/v2/tsigkeys/doc.go‎
Lines changed: 72 additions & 0 deletions
diff --git a/‎openstack/dns/v2/tsigkeys/requests.go‎
Lines changed: 158 additions & 0 deletions b/‎openstack/dns/v2/tsigkeys/requests.go‎
Lines changed: 158 additions & 0 deletions
@@ -9,6 +9,7 @@ import (
 	"github.com/gophercloud/gophercloud/v2/openstack/dns/v2/recordsets"
 	transferAccepts "github.com/gophercloud/gophercloud/v2/openstack/dns/v2/transfer/accept"
 	transferRequests "github.com/gophercloud/gophercloud/v2/openstack/dns/v2/transfer/request"
+	"github.com/gophercloud/gophercloud/v2/openstack/dns/v2/tsigkeys"
 	"github.com/gophercloud/gophercloud/v2/openstack/dns/v2/zones"
 	th "github.com/gophercloud/gophercloud/v2/testhelper"
 )
@@ -308,3 +309,48 @@ func WaitForZoneStatus(client *gophercloud.ServiceClient, zone *zones.Zone, stat
 		return false, nil
 	})
 }
+
+// CreateTSIGKey will create a TSIG key with a random name. An error will
+// be returned if the TSIG key was unable to be created.
+func CreateTSIGKey(t *testing.T, client *gophercloud.ServiceClient) (*tsigkeys.TSIGKey, error) {
+	keyName := tools.RandomString("ACPTTEST", 8)
+
+	t.Logf("Attempting to create TSIG key: %s", keyName)
+	createOpts := tsigkeys.CreateOpts{
+		Name:      keyName,
+		Algorithm: "hmac-sha256",
+		Secret:    "example-test-secret-key==",
+		Scope:     "POOL",
+		// Default pool ID from designate/conf/central.py
+		ResourceID: "794ccc2c-d751-44fe-b57f-8894c9f5c842",
+	}
+
+	tsigkey, err := tsigkeys.Create(context.TODO(), client, createOpts).Extract()
+	if err != nil {
+		return tsigkey, err
+	}
+
+	newTSIGKey, err := tsigkeys.Get(context.TODO(), client, tsigkey.ID).Extract()
+	if err != nil {
+		return tsigkey, err
+	}
+
+	t.Logf("Created TSIG key: %s", keyName)
+
+	th.AssertEquals(t, newTSIGKey.Name, keyName)
+	th.AssertEquals(t, newTSIGKey.Algorithm, "hmac-sha256")
+
+	return newTSIGKey, nil
+}
+
+// DeleteTSIGKey will delete a specified TSIG key. A fatal error will occur if
+// the TSIG key failed to be deleted. This works best when used as a deferred
+// function.
+func DeleteTSIGKey(t *testing.T, client *gophercloud.ServiceClient, tsigkey *tsigkeys.TSIGKey) {
+	err := tsigkeys.Delete(context.TODO(), client, tsigkey.ID).ExtractErr()
+	if err != nil {
+		t.Fatalf("Unable to delete TSIG key %s: %v", tsigkey.ID, err)
+	}
+
+	t.Logf("Deleted TSIG key: %s", tsigkey.ID)
+}
@@ -0,0 +1,56 @@
+//go:build acceptance || dns || tsigkeys
+
+package v2
+
+import (
+	"context"
+	"testing"
+
+	"github.com/gophercloud/gophercloud/v2/internal/acceptance/clients"
+	"github.com/gophercloud/gophercloud/v2/internal/acceptance/tools"
+	"github.com/gophercloud/gophercloud/v2/openstack/dns/v2/tsigkeys"
+	th "github.com/gophercloud/gophercloud/v2/testhelper"
+)
+
+func TestTSIGKeysCRUD(t *testing.T) {
+	clients.RequireAdmin(t)
+
+	client, err := clients.NewDNSV2Client()
+	th.AssertNoErr(t, err)
+
+	tsigkey, err := CreateTSIGKey(t, client)
+	th.AssertNoErr(t, err)
+	defer DeleteTSIGKey(t, client, tsigkey)
+
+	tools.PrintResource(t, &tsigkey)
+
+	allPages, err := tsigkeys.List(client, nil).AllPages(context.TODO())
+	th.AssertNoErr(t, err)
+
+	allTSIGKeys, err := tsigkeys.ExtractTSIGKeys(allPages)
+	th.AssertNoErr(t, err)
+
+	var found bool
+	for _, k := range allTSIGKeys {
+		tools.PrintResource(t, &k)
+
+		if tsigkey.Name == k.Name {
+			found = true
+		}
+	}
+
+	th.AssertEquals(t, found, true)
+
+	updateOpts := tsigkeys.UpdateOpts{
+		Name:   tsigkey.Name + "-updated",
+		Secret: "updated-test-secret-key==",
+	}
+
+	newTSIGKey, err := tsigkeys.Update(context.TODO(), client, tsigkey.ID, updateOpts).Extract()
+	th.AssertNoErr(t, err)
+
+	tools.PrintResource(t, &newTSIGKey)
+
+	th.AssertEquals(t, newTSIGKey.Name, tsigkey.Name+"-updated")
+	th.AssertEquals(t, newTSIGKey.Secret, "updated-test-secret-key==")
+}
@@ -0,0 +1,72 @@
+/*
+Package tsigkeys provides information and interaction with the TSIG key API
+resource for the OpenStack DNS service.
+
+TSIG (Transaction SIGnature) keys are used to authenticate DNS transactions
+between servers, such as zone transfers and dynamic updates.
+
+Example to List TSIG Keys
+
+	listOpts := tsigkeys.ListOpts{
+		Scope: "POOL",
+	}
+
+	allPages, err := tsigkeys.List(dnsClient, listOpts).AllPages(context.TODO())
+	if err != nil {
+		panic(err)
+	}
+
+	allTSIGKeys, err := tsigkeys.ExtractTSIGKeys(allPages)
+	if err != nil {
+		panic(err)
+	}
+
+	for _, tsigkey := range allTSIGKeys {
+		fmt.Printf("%+v\n", tsigkey)
+	}
+
+Example to Create a TSIG Key
+
+	createOpts := tsigkeys.CreateOpts{
+		Name:       "mytsigkey",
+		Algorithm:  "hmac-sha256",
+		Secret:     "example-secret-key-value==",
+		Scope:      "POOL",
+		ResourceID: "pool-id-here",
+	}
+
+	tsigkey, err := tsigkeys.Create(context.TODO(), dnsClient, createOpts).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+Example to Get a TSIG Key
+
+	tsigkeyID := "99d10f68-5623-4491-91a0-6daafa32b60e"
+	tsigkey, err := tsigkeys.Get(context.TODO(), dnsClient, tsigkeyID).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+Example to Update a TSIG Key
+
+	tsigkeyID := "99d10f68-5623-4491-91a0-6daafa32b60e"
+	updateOpts := tsigkeys.UpdateOpts{
+		Name:   "updatedname",
+		Secret: "updated-secret-key-value==",
+	}
+
+	tsigkey, err := tsigkeys.Update(context.TODO(), dnsClient, tsigkeyID, updateOpts).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+Example to Delete a TSIG Key
+
+	tsigkeyID := "99d10f68-5623-4491-91a0-6daafa32b60e"
+	err := tsigkeys.Delete(context.TODO(), dnsClient, tsigkeyID).ExtractErr()
+	if err != nil {
+		panic(err)
+	}
+*/
+package tsigkeys
@@ -0,0 +1,158 @@
+package tsigkeys
+
+import (
+	"context"
+
+	"github.com/gophercloud/gophercloud/v2"
+	"github.com/gophercloud/gophercloud/v2/pagination"
+)
+
+// ListOptsBuilder allows extensions to add parameters to the List request.
+type ListOptsBuilder interface {
+	ToTSIGKeyListQuery() (string, error)
+}
+
+// ListOpts allows the filtering and sorting of paginated collections through
+// the API. Filtering is achieved by passing in struct field values that map to
+// the server attributes you want to see returned. Marker and Limit are used
+// for pagination.
+// https://docs.openstack.org/api-ref/dns/
+type ListOpts struct {
+	// Integer value for the limit of values to return.
+	Limit int `q:"limit"`
+
+	// UUID of the TSIG key at which you want to set a marker.
+	Marker string `q:"marker"`
+
+	// Name of the TSIG key.
+	Name string `q:"name"`
+
+	// Algorithm used by the TSIG key.
+	Algorithm string `q:"algorithm"`
+
+	// Scope of the TSIG key (ZONE or POOL).
+	Scope string `q:"scope"`
+}
+
+// ToTSIGKeyListQuery formats a ListOpts into a query string.
+func (opts ListOpts) ToTSIGKeyListQuery() (string, error) {
+	q, err := gophercloud.BuildQueryString(opts)
+	return q.String(), err
+}
+
+// List implements a TSIG key List request.
+func List(client *gophercloud.ServiceClient, opts ListOptsBuilder) pagination.Pager {
+	url := baseURL(client)
+	if opts != nil {
+		query, err := opts.ToTSIGKeyListQuery()
+		if err != nil {
+			return pagination.Pager{Err: err}
+		}
+		url += query
+	}
+	return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page {
+		return TSIGKeyPage{pagination.LinkedPageBase{PageResult: r}}
+	})
+}
+
+// Get returns information about a TSIG key, given its ID.
+func Get(ctx context.Context, client *gophercloud.ServiceClient, tsigkeyID string) (r GetResult) {
+	resp, err := client.Get(ctx, tsigkeyURL(client, tsigkeyID), &r.Body, nil)
+	_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
+	return
+}
+
+// CreateOptsBuilder allows extensions to add additional attributes to the
+// Create request.
+type CreateOptsBuilder interface {
+	ToTSIGKeyCreateMap() (map[string]any, error)
+}
+
+// CreateOpts specifies the attributes used to create a TSIG key.
+type CreateOpts struct {
+	// Name of the TSIG key.
+	Name string `json:"name" required:"true"`
+
+	// Algorithm is the TSIG algorithm (e.g., hmac-sha256, hmac-sha512).
+	Algorithm string `json:"algorithm" required:"true"`
+
+	// Secret is the base64-encoded secret key.
+	Secret string `json:"secret" required:"true"`
+
+	// Scope defines the scope of the TSIG key (ZONE or POOL).
+	Scope string `json:"scope" required:"true"`
+
+	// ResourceID is the ID of the resource (zone or pool) this key is associated with.
+	ResourceID string `json:"resource_id" required:"true"`
+}
+
+// ToTSIGKeyCreateMap formats a CreateOpts structure into a request body.
+func (opts CreateOpts) ToTSIGKeyCreateMap() (map[string]any, error) {
+	return gophercloud.BuildRequestBody(opts, "")
+}
+
+// Create implements a TSIG key create request.
+func Create(ctx context.Context, client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult) {
+	b, err := opts.ToTSIGKeyCreateMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	resp, err := client.Post(ctx, baseURL(client), &b, &r.Body, &gophercloud.RequestOpts{
+		OkCodes: []int{201},
+	})
+	_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
+	return
+}
+
+// UpdateOptsBuilder allows extensions to add additional attributes to the
+// Update request.
+type UpdateOptsBuilder interface {
+	ToTSIGKeyUpdateMap() (map[string]any, error)
+}
+
+// UpdateOpts specifies the attributes to update a TSIG key.
+type UpdateOpts struct {
+	// Name of the TSIG key.
+	Name string `json:"name,omitempty"`
+
+	// Algorithm is the TSIG algorithm.
+	Algorithm string `json:"algorithm,omitempty"`
+
+	// Secret is the base64-encoded secret key.
+	Secret string `json:"secret,omitempty"`
+
+	// Scope defines the scope of the TSIG key.
+	Scope string `json:"scope,omitempty"`
+
+	// ResourceID is the ID of the resource this key is associated with.
+	ResourceID string `json:"resource_id,omitempty"`
+}
+
+// ToTSIGKeyUpdateMap formats an UpdateOpts structure into a request body.
+func (opts UpdateOpts) ToTSIGKeyUpdateMap() (map[string]any, error) {
+	return gophercloud.BuildRequestBody(opts, "")
+}
+
+// Update implements a TSIG key update request.
+func Update(ctx context.Context, client *gophercloud.ServiceClient, tsigkeyID string, opts UpdateOptsBuilder) (r UpdateResult) {
+	b, err := opts.ToTSIGKeyUpdateMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	resp, err := client.Patch(ctx, tsigkeyURL(client, tsigkeyID), &b, &r.Body, &gophercloud.RequestOpts{
+		OkCodes: []int{200},
+	})
+	_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
+	return
+}
+
+// Delete implements a TSIG key delete request.
+func Delete(ctx context.Context, client *gophercloud.ServiceClient, tsigkeyID string) (r DeleteResult) {
+	resp, err := client.Delete(ctx, tsigkeyURL(client, tsigkeyID), &gophercloud.RequestOpts{
+		OkCodes: []int{204},
+	})
+	_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
+	return
+}