Skip to content

Commit 4f60a12

Browse files
fix(ci): use zone name instead of FQDN for external-dns domain filter
external-dns rejects zones that don't match its domainFilter. When the filter was set to the full FQDN (e.g. pr-614-demo.api-platform.com), external-dns found the Cloudflare zone "api-platform.com" but rejected it with "zone not in domain filter", preventing DNS record creation. Extract the zone (last two domain segments) from the URL so external-dns can match the Cloudflare zone correctly. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent 379e1ea commit 4f60a12

File tree

1 file changed

+3
-1
lines changed

1 file changed

+3
-1
lines changed

.github/workflows/deploy.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -105,6 +105,8 @@ jobs:
105105
url=$release-demo.api-platform.com
106106
fi
107107
echo "url=$url" >> "$GITHUB_OUTPUT"
108+
# Extract the zone (last two segments) for external-dns domain filter
109+
dns_zone=$(echo "$url" | awk -F. '{print $(NF-1)"."$NF}')
108110
cors="https://$url|http://localhost|https://localhost|http://localhost:3000|https://api-platform.github.io"
109111
set -o pipefail
110112
helm upgrade $release ./helm/api-platform -f ./helm/api-platform/values.yaml \
@@ -127,7 +129,7 @@ jobs:
127129
--set=ingress.tls[0].hosts[0]=$url \
128130
--set=external-dns.env[0].name=CF_API_TOKEN \
129131
--set=external-dns.env[0].value=${{ secrets.cloudflare-api-token }} \
130-
--set=external-dns.domainFilters[0]=$url \
132+
--set=external-dns.domainFilters[0]=$dns_zone \
131133
--set=external-dns.txtOwnerId=$release \
132134
--set=php.corsAllowOrigin="^$(echo "$cors" | sed 's/\./\\\\./g')$" \
133135
--set=php.trustedHosts="^127\\.0\\.0\\.1|localhost|$(echo "$url" | sed 's/\./\\\\./g')$" \

0 commit comments

Comments
 (0)