feat(pihole): add optional support for v6 (#5226)

* Pi hole V6 impl

* Code Review Part One

* Fix Go Lint

* Regenerate Flags file

* Increase code coverage 1/2

* Increase code coverage 2/2

* Fix merge conflict => Provider init move from main.go to execute.go

Author: tJouve

controller/execute.go

@@ -301,6 +301,7 @@ func Execute() {
 				TLSInsecureSkipVerify: cfg.PiholeTLSInsecureSkipVerify,
 				DomainFilter:          domainFilter,
 				DryRun:                cfg.DryRun,
+				APIVersion:            cfg.PiholeApiVersion,
 			},
 		)
 	case "ibmcloud":

docs/flags.md

@@ -153,6 +153,7 @@
 | `--pihole-server=""` | When using the Pihole provider, the base URL of the Pihole web server (required when --provider=pihole) |
 | `--pihole-password=""` | When using the Pihole provider, the password to the server if it is protected |
 | `--[no-]pihole-tls-skip-verify` | When using the Pihole provider, disable verification of any TLS certificates |
+| `--pihole-api-version="5"` | When using the Pihole provider, specify the pihole API version (default: 5, options: 5, 6) |
 | `--plural-cluster=""` | When using the plural provider, specify the cluster name you're running with |
 | `--plural-provider=""` | When using the plural provider, specify the provider name you're running with |
 | `--policy=sync` | Modify how DNS records are synchronized between sources and providers (default: sync, options: sync, upsert-only, create-only) |

docs/tutorials/pihole.md

@@ -6,12 +6,16 @@ There is a pseudo-API exposed that ExternalDNS is able to use to manage these re
 
 __NOTE:__ Your Pi-hole must be running [version 5.9 or newer](https://pi-hole.net/blog/2022/02/12/pi-hole-ftl-v5-14-web-v5-11-and-core-v5-9-released).
 
+__NOTE:__ Provider for Pi-hole version prior to 6.0 is now deprecated and will be removed in future release.
+
+__NOTE:__ Since Pi-hole version 6, you should use the flag *--pihole-api-version=6*
+
 ## Deploy ExternalDNS
 
 You can skip to the [manifest](#externaldns-manifest) if authentication is disabled on your Pi-hole instance or you don't want to use secrets.
 
 If your Pi-hole server's admin dashboard is protected by a password, you'll likely want to create a secret first containing its value.
-This is optional since you _do_ retain the option to pass it as a flag with `--pihole-password`.
+This is optional since you *do* retain the option to pass it as a flag with `--pihole-password`.
 
 You can create the secret with:
 
@@ -98,6 +102,8 @@ spec:
         # the policy to upsert-only so they do not get deleted.
         - --policy=upsert-only
         - --provider=pihole
+        # Switch to pihole V6 API
+        - --pihole-api-version=6
         # Change this to the actual address of your Pi-hole web server
         - --pihole-server=http://pihole-web.pihole.svc.cluster.local
       securityContext:
@@ -109,6 +115,7 @@ spec:
 - `--pihole-server (env: EXTERNAL_DNS_PIHOLE_SERVER)` - The address of the Pi-hole web server
 - `--pihole-password (env: EXTERNAL_DNS_PIHOLE_PASSWORD)` - The password to the Pi-hole web server (if enabled)
 - `--pihole-tls-skip-verify (env: EXTERNAL_DNS_PIHOLE_TLS_SKIP_VERIFY)` - Skip verification of any TLS certificates served by the Pi-hole web server.
+- `--pihole-api-version (env: EXTERNAL_DNS_PIHOLE_API_VERSION)` - Specify the pihole API version (default is 5. Eligible values are 5 or 6).
 
 ## Verify ExternalDNS Works
 
@@ -181,7 +188,7 @@ spec:
 
 You can then query your Pi-hole to see if the record was created.
 
-_Change `@192.168.100.2` to the actual address of your DNS server_
+Change *@192.168.100.2* to the actual address of your DNS server
 
 ```bash
 $ dig +short @192.168.100.2  nginx.external-dns-test.homelab.com

pkg/apis/externaldns/types.go

@@ -203,6 +203,7 @@ type Config struct {
 	PiholeServer                                  string
 	PiholePassword                                string `secure:"yes"`
 	PiholeTLSInsecureSkipVerify                   bool
+	PiholeApiVersion                              string
 	PluralCluster                                 string
 	PluralProvider                                string
 	WebhookProviderURL                            string
@@ -365,6 +366,7 @@ var defaultConfig = &Config{
 	PiholeServer:                                  "",
 	PiholePassword:                                "",
 	PiholeTLSInsecureSkipVerify:                   false,
+	PiholeApiVersion:                              "5",
 	PluralCluster:                                 "",
 	PluralProvider:                                "",
 	WebhookProviderURL:                            "http://localhost:8888",
@@ -600,6 +602,7 @@ func App(cfg *Config) *kingpin.Application {
 	app.Flag("pihole-server", "When using the Pihole provider, the base URL of the Pihole web server (required when --provider=pihole)").Default(defaultConfig.PiholeServer).StringVar(&cfg.PiholeServer)
 	app.Flag("pihole-password", "When using the Pihole provider, the password to the server if it is protected").Default(defaultConfig.PiholePassword).StringVar(&cfg.PiholePassword)
 	app.Flag("pihole-tls-skip-verify", "When using the Pihole provider, disable verification of any TLS certificates").BoolVar(&cfg.PiholeTLSInsecureSkipVerify)
+	app.Flag("pihole-api-version", "When using the Pihole provider, specify the pihole API version (default: 5, options: 5, 6)").Default(defaultConfig.PiholeApiVersion).StringVar(&cfg.PiholeApiVersion)
 
 	// Flags related to the Plural provider
 	app.Flag("plural-cluster", "When using the plural provider, specify the cluster name you're running with").Default(defaultConfig.PluralCluster).StringVar(&cfg.PluralCluster)

pkg/apis/externaldns/types_test.go

@@ -128,6 +128,7 @@ var (
 		IBMCloudConfigFile:                            "/etc/kubernetes/ibmcloud.json",
 		TencentCloudConfigFile:                        "/etc/kubernetes/tencent-cloud.json",
 		TencentCloudZoneType:                          "",
+		PiholeApiVersion:                              "5",
 		WebhookProviderURL:                            "http://localhost:8888",
 		WebhookProviderReadTimeout:                    5 * time.Second,
 		WebhookProviderWriteTimeout:                   10 * time.Second,
@@ -242,6 +243,7 @@ var (
 		IBMCloudConfigFile:                            "ibmcloud.json",
 		TencentCloudConfigFile:                        "tencent-cloud.json",
 		TencentCloudZoneType:                          "private",
+		PiholeApiVersion:                              "6",
 		WebhookProviderURL:                            "http://localhost:8888",
 		WebhookProviderReadTimeout:                    5 * time.Second,
 		WebhookProviderWriteTimeout:                   10 * time.Second,
@@ -352,6 +354,7 @@ func TestParseFlags(t *testing.T) {
 				"--aws-sd-create-tag=key1=value1",
 				"--aws-sd-create-tag=key2=value2",
 				"--no-aws-evaluate-target-health",
+				"--pihole-api-version=6",
 				"--policy=upsert-only",
 				"--registry=noop",
 				"--txt-owner-id=owner-1",
@@ -474,6 +477,7 @@ func TestParseFlags(t *testing.T) {
 				"EXTERNAL_DNS_AWS_SD_SERVICE_CLEANUP":                            "true",
 				"EXTERNAL_DNS_AWS_SD_CREATE_TAG":                                 "key1=value1\nkey2=value2",
 				"EXTERNAL_DNS_DYNAMODB_TABLE":                                    "custom-table",
+				"EXTERNAL_DNS_PIHOLE_API_VERSION":                                "6",
 				"EXTERNAL_DNS_POLICY":                                            "upsert-only",
 				"EXTERNAL_DNS_REGISTRY":                                          "noop",
 				"EXTERNAL_DNS_TXT_OWNER_ID":                                      "owner-1",

provider/pihole/client.go

@@ -60,10 +60,8 @@ func newPiholeClient(cfg PiholeConfig) (piholeAPI, error) {
 	}
 
 	// Setup a persistent cookiejar for storing PHP session information
-	jar, err := cookiejar.New(&cookiejar.Options{})
-	if err != nil {
-		return nil, err
-	}
+	// This call will never return an error
+	jar, _ := cookiejar.New(&cookiejar.Options{})
 	// Setup an HTTP client using the cookiejar
 	httpClient := &http.Client{
 		Jar: jar,