Gist: Scaleway DNS zone file CI/CD with GitHub Workflow
A GitHub Workflow to update your DNS zone hosted on Scaleway.
Last updated on: 2024-12-27
Create your zone file
We will be using a file named `dns.zone` at the root of the repo to hold our zone's data.
You can export your current zone from Scaleway's API like this:
```sh
curl -s --fail-with-body -H "X-Auth-Token: $SCW_SECRET_KEY" \
  "https://api.scaleway.com/domain/v2beta1/dns-zones/$DNS_ZONE/raw?format=bind" \
  | jq -r .content | base64 --decode > dns.zone
```
Alternatively, you can also create your zone file from scratch, for example:
```
$ORIGIN example.org.
@ 1800 IN NS ns0.dom.scw.cloud.
@ 1800 IN NS ns1.dom.scw.cloud.
@ 60 IN TXT "ok"
```
Configure secrets for GitHub Actions
You will need:
- DNS_ZONE: Name of your DNS zone (without trailing dot), for example: "example.org".
- SCW_SECRET_KEY: Scaleway API secret key that can write to the zone.
- SCW_PROJECT_ID: Scaleway project ID to which the zone belongs.
Set up your GitHub workflow
Add the following file to `.github/workflows/deploy.yml`:
```yaml
on:
  push:
    branches:
      - main

jobs:
  deploy:
    name: Update DNS zone records
    runs-on: ubuntu-latest
    env:
      DNS_ZONE: "${{ secrets.DNS_ZONE }}" # DNS zone (ex: "example.org")
      SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} # API secret key
      SCW_PROJECT_ID: ${{ secrets.SCW_PROJECT_ID }} # Scaleway Project ID
    steps:
      - name: Checkout Git repo
        uses: actions/checkout@v3
      - name: Call provider API
        run: |
          echo "Updating zone..."
          # Build the JSON body from dns.zone (the file at the root of the repo)
          jq -n \
            --arg project_id "$SCW_PROJECT_ID" \
            --arg content "$(cat dns.zone)" \
            '{"project_id": $project_id, "bind_source": {"content": $content}}' \
            > body.json
          # Send the zone file to the Scaleway DNS API
          curl -s --fail-with-body \
            -H "Content-Type: application/json" \
            -H "X-Auth-Token: $SCW_SECRET_KEY" \
            -d @body.json \
            "https://api.scaleway.com/domain/v2beta1/dns-zones/$DNS_ZONE/raw"
```
Push to GitHub
You're now good to go: GitHub will execute your workflow on every push to `main`.
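
A pre-flight check that could run as a step before `Call provider API` in the workflow above, so that a missing, empty or wrong-zone file never reaches the API. This is an added example, not part of the original gist: `check_zone` is a hypothetical helper name, and it assumes records use the `name ttl class type data` layout of the sample zone file shown earlier.

```shell
#!/bin/sh
# Added example, not part of the original gist.
# check_zone is a hypothetical helper; it assumes records use the
# "name ttl class type data" layout of the sample zone on this page.

# check_zone FILE ZONE
# Returns 0 if FILE looks safe to send for ZONE, otherwise:
#   1 = file missing or empty, 2 = $ORIGIN mismatch, 3 = no NS record
check_zone() {
    file=$1
    zone=$2

    # "$(cat file)" on a missing file still yields an empty string, so the
    # workflow would send empty content. Refuse that case here.
    if [ ! -s "$file" ]; then
        echo "error: $file is missing or empty" >&2
        return 1
    fi

    # If the file declares $ORIGIN, it must be the zone being updated
    # (DNS_ZONE has no trailing dot, the zone file does).
    origin=$(awk '$1 == "$ORIGIN" { print $2; exit }' "$file")
    if [ -n "$origin" ] && [ "$origin" != "$zone." ]; then
        echo "error: \$ORIGIN $origin does not match zone $zone" >&2
        return 2
    fi

    # Count NS records, skipping comment lines; a zone without any is
    # almost certainly a truncated or wrong file.
    ns_count=$(awk '$1 !~ /^;/ && toupper($3) == "IN" && toupper($4) == "NS" { n++ }
                    END { print n + 0 }' "$file")
    if [ "$ns_count" -eq 0 ]; then
        echo "error: no NS records found in $file" >&2
        return 3
    fi

    echo "ok: $file has $ns_count NS record(s) for $zone"
}

# Run directly: sh check_zone.sh dns.zone "$DNS_ZONE"
if [ "$#" -eq 2 ]; then
    check_zone "$1" "$2"
fi
```

Because GitHub Actions stops a job at the first failing step, a non-zero return from the check keeps the API call from running.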