bindcar 0.7.0

HTTP REST API for managing BIND9 zones via rndc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
# Contributing to bindcar

Thank you for your interest in contributing to bindcar! This guide will help you get started.

## Code of Conduct

Be respectful and professional. We welcome contributors of all experience levels.

## Ways to Contribute

### Report Bugs

Found a bug? Please [open an issue](https://github.com/firestoned/bindcar/issues/new) with:

1. **Clear title** - Summarize the issue
2. **Environment** - OS, bindcar version, deployment method
3. **Steps to reproduce** - Detailed steps to trigger the bug
4. **Expected behavior** - What should happen
5. **Actual behavior** - What actually happens
6. **Logs** - Relevant error messages or logs
7. **Configuration** - Relevant environment variables or configuration

Example:
```markdown
### Bug Report: Zone deletion fails with 500 error

**Environment:**
- bindcar: v0.1.0
- Deployment: Kubernetes 1.28
- BIND9: 9.18

**Steps to reproduce:**
1. Create zone: `POST /api/v1/zones` with example.com
2. Delete zone: `DELETE /api/v1/zones/example.com`
3. Observe 500 error

**Expected:** Zone deleted successfully (204)
**Actual:** 500 Internal Server Error

**Logs:**
```
{"level":"error","message":"RNDC command failed","command":"delzone"}
```

**Configuration:**
- BIND_ZONE_DIR=/var/cache/bind
- RUST_LOG=debug
```

### Request Features

Have an idea? [Open a feature request](https://github.com/firestoned/bindcar/issues/new) with:

1. **Use case** - What problem does this solve?
2. **Proposed solution** - How should it work?
3. **Alternatives considered** - Other approaches you've thought about
4. **Additional context** - Screenshots, examples, etc.

Example:
```markdown
### Feature Request: Support for DNSSEC signing

**Use case:**
As a DNS operator, I want zones automatically signed with DNSSEC so that clients can verify DNS responses.

**Proposed solution:**
Add DNSSEC signing options to zone configuration:
```json
{
  "zoneName": "example.com",
  "zoneConfig": {
    "dnssec": {
      "enabled": true,
      "algorithm": "RSASHA256"
    }
  }
}
```

**Alternatives:**
- Manual signing with external tools
- Separate DNSSEC signer sidecar

**Additional context:**
Many enterprise deployments require DNSSEC for security compliance.
```

### Improve Documentation

Documentation improvements are always welcome:

1. Fix typos or unclear wording
2. Add examples or use cases
3. Improve API documentation
4. Add troubleshooting tips
5. Translate documentation (future)

To edit documentation:
```bash
# Edit files in docs/src/
vim docs/src/installation/index.md

# Build and preview
make docs-serve

# Open browser to http://localhost:3000
```

### Submit Code

Contributing code? Follow these guidelines:

## Development Setup

### Prerequisites

- Rust 1.89.0 or later
- Git
- Docker (optional, for testing)
- mdBook (for documentation)

### Clone and Build

```bash
# Fork the repository on GitHub
# Clone your fork
git clone https://github.com/YOUR_USERNAME/bindcar.git
cd bindcar

# Add upstream remote
git remote add upstream https://github.com/firestoned/bindcar.git

# Build
cargo build

# Run tests
cargo test

# Run locally
mkdir -p .tmp/zones
RUST_LOG=debug BIND_ZONE_DIR=.tmp/zones cargo run
```

## Development Workflow

### 1. Create a Branch

```bash
# Update main
git checkout main
git pull upstream main

# Create feature branch
git checkout -b feature/my-feature

# Or bug fix branch
git checkout -b fix/issue-123
```

### 2. Make Changes

Write your code following these guidelines:

#### Code Style

- **Format code**: Run `cargo fmt` before committing
- **Lint code**: Run `cargo clippy -- -D warnings`
- **Follow conventions**: Match existing code style
- **Add tests**: Write tests for new functionality
- **Document public APIs**: Use rustdoc comments

Example:
```rust
/// Creates a new DNS zone in BIND9.
///
/// # Arguments
///
/// * `zone_name` - The fully qualified domain name of the zone
/// * `zone_config` - Configuration for the zone
///
/// # Returns
///
/// Returns `Ok(())` if the zone was created successfully,
/// or an `Err` with details if the operation failed.
///
/// # Example
///
/// ```
/// let result = create_zone("example.com", &config).await?;
/// ```
pub async fn create_zone(
    zone_name: &str,
    zone_config: &ZoneConfig,
) -> Result<(), Error> {
    // Implementation
}
```

#### Testing

Write tests for:
- New features
- Bug fixes
- Edge cases
- Error conditions

```rust
#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_zone_name_validation() {
        assert!(is_valid_zone_name("example.com"));
        assert!(is_valid_zone_name("sub.example.com"));
        assert!(!is_valid_zone_name("invalid..com"));
        assert!(!is_valid_zone_name("example.com/"));
    }

    #[tokio::test]
    async fn test_create_zone_success() {
        let config = test_zone_config();
        let result = create_zone("test.example.com", &config).await;
        assert!(result.is_ok());
    }

    #[tokio::test]
    async fn test_create_zone_duplicate_fails() {
        let config = test_zone_config();
        
        // Create zone
        create_zone("test.example.com", &config).await.unwrap();
        
        // Attempt duplicate creation
        let result = create_zone("test.example.com", &config).await;
        assert!(result.is_err());
    }
}
```

#### Error Handling

- Use `Result<T, E>` for fallible operations
- Provide clear error messages
- Log errors appropriately
- Don't panic in library code

```rust
use tracing::error;

async fn reload_zone(zone_name: &str) -> Result<(), ZoneError> {
    let output = execute_rndc(&["reload", zone_name]).await?;
    
    if !output.status.success() {
        let stderr = String::from_utf8_lossy(&output.stderr);
        error!(
            zone = zone_name,
            error = %stderr,
            "Failed to reload zone"
        );
        return Err(ZoneError::RndcFailed(stderr.to_string()));
    }
    
    Ok(())
}
```

#### Logging

Use structured logging with `tracing`:

```rust
use tracing::{info, debug, error, instrument};

#[instrument(skip(config))]
async fn create_zone(
    zone_name: &str,
    zone_config: &ZoneConfig,
) -> Result<(), Error> {
    info!(zone = zone_name, "Creating zone");
    
    debug!(
        zone = zone_name,
        ttl = zone_config.ttl,
        "Zone configuration"
    );
    
    // ... implementation ...
    
    info!(zone = zone_name, "Zone created successfully");
    Ok(())
}
```

### 3. Run Quality Checks

Before committing, run:

```bash
# Format code
cargo fmt

# Run clippy
cargo clippy -- -D warnings

# Run tests
cargo test

# Check compilation
cargo check

# Or run all checks
make check
```

### 4. Commit Changes

Write clear, descriptive commit messages:

```bash
# Good commit messages
git commit -m "Add DNSSEC support for zone signing"
git commit -m "Fix zone deletion 500 error when BIND9 restarts"
git commit -m "Update documentation for authentication setup"

# Bad commit messages (avoid these)
git commit -m "Fix bug"
git commit -m "Update"
git commit -m "WIP"
```

**Commit message format:**
```
Short summary (50 chars or less)

More detailed explanation if needed. Wrap at 72 characters.

- Bullet points are okay
- Use present tense: "Add feature" not "Added feature"
- Reference issues: Fixes #123

Explain why the change is needed, not just what changed.
```

### 5. Push and Create Pull Request

```bash
# Push branch to your fork
git push origin feature/my-feature

# Create pull request on GitHub
# Fill out the PR template
```

## Pull Request Guidelines

### PR Title

Use clear, descriptive titles:

- `Add DNSSEC zone signing support`
- `Fix zone deletion 500 error`
- `Update installation documentation`
- `Refactor RNDC executor for better error handling`

### PR Description

Include:

1. **Summary** - What does this PR do?
2. **Motivation** - Why is this change needed?
3. **Changes** - What specifically changed?
4. **Testing** - How was this tested?
5. **Screenshots** - If UI/documentation changes
6. **Breaking changes** - Any backwards-incompatible changes?
7. **Closes** - Link related issues (e.g., "Closes #123")

Example:
```markdown
## Summary
Adds DNSSEC signing support for zones, allowing automatic signing with configurable algorithms.

## Motivation
Many enterprise deployments require DNSSEC for security compliance. This feature enables automatic zone signing via BIND9's inline-signing feature.

## Changes
- Add `dnssec` field to `ZoneConfig` struct
- Implement DNSSEC key generation via `rndc-confgen`
- Update zone file template to include DNSSEC policy
- Add integration tests for DNSSEC zones
- Update API documentation

## Testing
- Added unit tests for DNSSEC configuration validation
- Added integration tests for creating signed zones
- Manually tested with BIND9 9.18 in Kubernetes
- Verified DNSSEC signatures with `dig +dnssec`

## Breaking Changes
None - DNSSEC is optional and disabled by default.

## Closes
Closes #45
```

### PR Checklist

Before submitting, ensure:

- [ ] Code follows project style guidelines
- [ ] `cargo fmt` has been run
- [ ] `cargo clippy` passes with no warnings
- [ ] All tests pass (`cargo test`)
- [ ] New tests added for new functionality
- [ ] Documentation updated if needed
- [ ] Commit messages are clear and descriptive
- [ ] PR description explains the changes
- [ ] No merge conflicts with main branch

## Review Process

### What to Expect

1. **Automated Checks** - CI runs tests and linters
2. **Code Review** - Maintainer reviews your code
3. **Feedback** - You may receive change requests
4. **Iteration** - Make requested changes
5. **Approval** - Once approved, PR is merged

### Responding to Feedback

- Be open to suggestions
- Ask questions if feedback is unclear
- Make requested changes promptly
- Update your branch if main has changed

```bash
# Update your branch with latest main
git checkout main
git pull upstream main
git checkout feature/my-feature
git rebase main

# Push updated branch (may need force push)
git push origin feature/my-feature --force-with-lease
```

## Release Process

Releases are managed by maintainers:

1. Version bump in `Cargo.toml`
2. Update `CHANGELOG.md`
3. Create git tag
4. Build and publish Docker image
5. Create GitHub release

## Getting Help

Need help contributing?

- **Questions**: Open a [discussion]https://github.com/firestoned/bindcar/discussions
- **Chat**: Join our community (TBD)
- **Email**: Contact maintainers (TBD)

## Recognition

Contributors are recognized in:
- `CONTRIBUTORS.md` file
- Release notes
- Project README

Thank you for contributing to bindcar!

## Next Steps

- [Development Setup]./setup.md - Set up development environment
- [Architecture]./architecture-deep-dive.md - Understand the codebase
- [API Reference]../reference/api.md - API documentation