Bump version to v0.4.6

Apparently the data from the secret is already decoded?

deploy/cert-manager-webhook-gandi/Chart.yaml

@@ -1,4 +1,4 @@
 apiVersion: v2
 description: A Helm chart for cert-manager-webhook-gandi
 name: cert-manager-webhook-gandi
-version: v0.4.0
+version: v0.4.6

go.mod

@@ -113,3 +113,5 @@ require (
 	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
 	sigs.k8s.io/yaml v1.3.0 // indirect
 )
+
+replace github.com/go-gandi/go-gandi => git.mug.lv/galen/go-gandi v0.0.0-20231017185104-ac95d5a2c330

go.sum

@@ -34,6 +34,8 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
 cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
+git.mug.lv/galen/go-gandi v0.0.0-20231017185104-ac95d5a2c330 h1:J7vml36GjSEOg7QP17eQ+tjssi6emb7mPoSHHvqDxCQ=
+git.mug.lv/galen/go-gandi v0.0.0-20231017185104-ac95d5a2c330/go.mod h1:9NoYyfWCjFosClPiWjkbbRK5UViaZ4ctpT8/pKSSFlw=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
@@ -102,8 +104,6 @@ github.com/flowstack/go-jsonschema v0.1.1/go.mod h1:yL7fNggx1o8rm9RlgXv7hTBWxdBM
 github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/go-gandi/go-gandi v0.6.0 h1:RgFoevggRRp7hF9XsOmWmtwbUg2axhe2ygEdd6Mtstc=
-github.com/go-gandi/go-gandi v0.6.0/go.mod h1:9NoYyfWCjFosClPiWjkbbRK5UViaZ4ctpT8/pKSSFlw=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=

main.go

@@ -28,7 +28,10 @@ const (
 	GandiMinTtl = 300 // Gandi reports an error for values < this value
 )
 
-var GroupName = os.Getenv("GROUP_NAME")
+var (
+	DebugHTTP = os.Getenv("DEBUG_HTTP")
+	GroupName = os.Getenv("GROUP_NAME")
+)
 
 func main() {
 	if GroupName == "" {
@@ -108,10 +111,11 @@ func (c *gandiDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error {
 		return fmt.Errorf("failed to get record: %w", err)
 	}
 
+	txtValues := []string{fmt.Sprintf(`"%s"`, ch.Key)}
 	if present {
-		_, err = client.UpdateDomainRecordByNameAndType(domain, entry, "TXT", GandiMinTtl, []string{ch.Key})
+		_, err = client.UpdateDomainRecordByNameAndType(domain, entry, "TXT", GandiMinTtl, txtValues)
 	} else {
-		_, err = client.CreateDomainRecord(domain, entry, "TXT", GandiMinTtl, []string{ch.Key})
+		_, err = client.CreateDomainRecord(domain, entry, "TXT", GandiMinTtl, txtValues)
 	}
 	if err != nil {
 		return fmt.Errorf("failed to set record: %w", err)
@@ -202,28 +206,28 @@ func (c *gandiDNSProviderSolver) newClient(ch *v1alpha1.ChallengeRequest) (*live
 	}
 
 	return gandi.NewLiveDNSClient(config.Config{
-		APIKey:  *apiKey,
+		Token:   apiKey,
 		Timeout: time.Second * 30,
+		Debug:   DebugHTTP != "",
 	}), nil
 }
 
 // Get Gandi API key from Kubernetes secret.
-func (c *gandiDNSProviderSolver) getApiKey(cfg *gandiDNSProviderConfig, namespace string) (*string, error) {
+func (c *gandiDNSProviderSolver) getApiKey(cfg *gandiDNSProviderConfig, namespace string) (string, error) {
 	secretName := cfg.APIKeySecretRef.LocalObjectReference.Name
 
 	klog.V(6).Infof("try to load secret `%s` with key `%s`", secretName, cfg.APIKeySecretRef.Key)
 
 	sec, err := c.client.CoreV1().Secrets(namespace).Get(context.Background(), secretName, metav1.GetOptions{})
 	if err != nil {
-		return nil, fmt.Errorf("unable to get secret `%s`; %v", secretName, err)
+		return "", fmt.Errorf("unable to get secret `%s`; %v", secretName, err)
 	}
 
 	secBytes, ok := sec.Data[cfg.APIKeySecretRef.Key]
 	if !ok {
-		return nil, fmt.Errorf("key %q not found in secret \"%s/%s\"", cfg.APIKeySecretRef.Key,
+		return "", fmt.Errorf("key %q not found in secret \"%s/%s\"", cfg.APIKeySecretRef.Key,
 			cfg.APIKeySecretRef.LocalObjectReference.Name, namespace)
 	}
 
-	apiKey := string(secBytes)
-	return &apiKey, nil
+	return string(secBytes), nil
 }

scripts/release.sh

@@ -0,0 +1,33 @@
+#!/bin/sh -eux
+
+cd "$(dirname "$0")"
+
+version="$(yq '.version' ../deploy/cert-manager-webhook-gandi/Chart.yaml)"
+version="${version#v}"
+major="$(echo "$version" | cut -d'.' -f1)"
+minor="$(echo "$version" | cut -d'.' -f2)"
+patch="$(echo "$version" | cut -d'.' -f3)"
+case "${1:-""}" in
+major)
+	major=$((major + 1))
+	minor=0
+	patch=0
+	;;
+minor)
+	minor=$((minor + 1))
+	patch=0
+	;;
+patch)
+	patch=$((patch + 1))
+	;;
+*)
+	echo "Unknown release type"
+	exit 1
+	;;
+esac
+version="$major.$minor.$patch"
+
+yq -i ".version |= \"v$version\"" ../deploy/cert-manager-webhook-gandi/Chart.yaml
+git add ../deploy/
+git commit -m "Bump version to v$version"
+git tag -a "v$version"