Skip to content

Support configurable TXT record length via TEST_DNS_TXT_LEN (improved acme-dns compatibility) #34

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Support configurable TXT record length via TEST_DNS_TXT_LEN (improved acme-dns compatibility) #34

wants to merge 1 commit into from

Conversation

@kubax
Copy link

@kubax kubax commented Nov 26, 2025
edited
Loading

Summary

This PR adds support for a configurable TXT record length during DNS API testing.
Some DNS systems—such as acme-dns—require TXT values of an exact length (e.g., 43 characters). Until now, acmetest always generated TXT records with a fixed size, making it impossible to properly test systems with strict length requirements.

This change introduces a flexible mechanism that allows the TXT size to be adjusted via a GitHub secret (TEST_DNS_TXT_LEN), while still keeping a safe default.

What This PR Changes

1. Adds optional TEST_DNS_TXT_LEN secret

  • Stored as a GitHub secret
  • If set, acmetest generates TXT values with exactly that length
  • If not set, a default of 43 characters is used (chosen for acme-dns compatibility)
  • Minimum allowed length is 28 characters (to preserve the structure of the original prefix)

2. TXT values are generated from a truly random source

  • Uses /dev/urandom or openssl rand depending on platform
  • Repeats the random string until long enough, then truncates precisely
  • Ensures each test run produces a valid, length-correct value

3. The setting is propagated to all test environments

Including:

  • Docker
  • macOS
  • Windows/Cygwin
  • FreeBSD / OpenBSD / NetBSD
  • DragonFlyBSD, Solaris, OmniOS

Every environment behaves consistently with the same TXT length configuration.

Why This Is Useful

The primary motivation is better compatibility with acme-dns, which requires TXT values of a specific length.
This PR makes it possible to:

  • Test acme-dns in GitHub Actions
  • Adjust TXT length easily for development and debugging
  • Change the default later if necessary

Backward Compatibility

  • If TEST_DNS_TXT_LEN is not provided, acmetest defaults to 43 characters
  • Existing DNS tests should continue to work as before
  • The minimum length safeguard (28+) prevents invalid test values

Summary

This PR introduces optional configurability for TXT record length in DNS API testing, enabling proper support for acme-dns and other systems that may require fixed-length TXT values.
It preserves compatibility with existing workflows while giving maintainers and developers more control over test behavior.

fixes: #33

@kubax
make le_test_dnsapi with better randomness
00c90e8 
make the length of the TXT record for le_test_dnsapi configurable
@kubax kubax mentioned this pull request Nov 26, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kubax