Ovh dns provider

[ysokolovsky]

This PR adds a new provider for OVH, enabling users to enumerate DNS records from their OVH accounts via the OVH API.
Issue#2 - Add Support for OVH DNS provider

Changes

• Implemented ovh provider with DNS record retrieval (A, AAAA, CNAME)
• Added proper authentication using OVH API credentials (application_key, application_secret, consumer_key) and configurable endpoint (defaults to ovh-eu)
• Registered the provider in the inventory factory and Providers service map
• Updated PROVIDERS.md with configuration and references
• Added dependency: github.com/ovh/go-ovh

Example provider-config.yaml:

- provider: ovh
  id: ovh-mock
  endpoint: ovh-ca
  application_key: $OVH_APP_KEY
  application_secret: $OVH_APP_SECRET
  consumer_key: $OVH_CONSUMER_KEY

Usage / Testing

1. Create OVH API credentials:

• Generate an application key/secret and a consumer key for your account
• Select the appropriate endpoint (ovh-eu, ovh-ca, or ovh-us)

2. Configure the provider as shown above (env vars supported).
3. Run cloudlist targeting the provider and DNS service:
   cloudlist -pc ovh.yaml -p ovh

Summary by CodeRabbit

• New Features

  • Added OVH provider for DNS discovery (A, AAAA, CNAME), aggregating DNS and IP resources and supporting optional service selection.

• Documentation

  • Added OVH provider docs with authentication requirements, endpoint options, configuration example, and reference links.

• Chores

  • Updated dependencies: added OVH client library and upgraded INI parsing dependency.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9316c06 and afe275c.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (3)

• PROVIDERS.md
• go.mod
• pkg/inventory/inventory.go

---

Walkthrough

Adds an OVH provider (dns service): documentation, dependencies, inventory registration, provider implementation (client creation, credential checks), and DNS resource collection via OVH API (zones and A/AAAA/CNAME records).

Changes

Cohort / File(s)	Summary
Documentation: OVH provider PROVIDERS.md	Adds OVH provider docs: provider key ovh, service dns, required auth (application_key, application_secret, consumer_key), endpoints (default ovh-eu, common: ovh-eu, ovh-ca, ovh-us), example config and references.
Module dependencies go.mod	Adds indirect dependency github.com/ovh/go-ovh v1.9.0 and upgrades gopkg.in/ini.v1 to v1.67.0.
Inventory registration pkg/inventory/inventory.go	Imports OVH provider, registers "ovh" in Providers map, and maps "ovh" in nameToProvider to ovh.New(...).
OVH provider core pkg/providers/ovh/ovh.go	Adds Provider type, Services list (["dns"]), New(options) constructor (validates endpoint and credentials, creates ovh client with 30s HTTP timeout), and methods Name(), ID(), Services(), Resources(ctx) delegating to service providers.
OVH DNS implementation pkg/providers/ovh/dns.go	New dnsProvider and GetResource(ctx) implementation: lists zones, fetches records (A, AAAA, CNAME), builds DNSName and IP resources (wiring IPv4/IPv6 for A/AAAA), and aggregates results.

Sequence Diagram(s)

sequenceDiagram
  participant Inv as Inventory
  participant Prov as ovh.Provider
  participant DNS as dnsProvider
  participant API as OVH_API

  Inv->>Prov: New(options)
  Prov->>API: ovh.NewClient(endpoint, appKey, appSecret, consumerKey)
  Inv->>Prov: Resources(ctx)
  alt dns service enabled
    Prov->>DNS: instantiate with shared client
    DNS->>API: GET /domain/zone
    loop for each zone
      DNS->>API: GET /domain/zone/{zone}/record?fieldType=A|AAAA|CNAME
      loop for each record ID
        DNS->>API: GET /domain/zone/{zone}/record/{id}
        DNS-->>Prov: add DNSName / IP resources
      end
    end
  end
  Prov-->>Inv: Aggregated Resources

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

I hop through zones beneath the moon,
Keys in paw, I query soon.
A, AAAA, CNAME I find and string—
Records stitched like thistle wing.
OVH blossoms in my log-lined tune. 🐇✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly describes the main change: adding OVH DNS provider support to the codebase, which aligns with the primary objective of the PR.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (3)

PROVIDERS.md (1)

485-513: Fix bare URLs in the references section.

The static analysis tools correctly identified bare URLs that should be wrapped in angle brackets for proper Markdown formatting.

Apply this diff to fix the markdown formatting:

 References - 
-1. https://eu.api.ovh.com/console/?section=%2Fdomain&branch=v1
-2. https://api.ovh.com/createToken/
-3. https://help.ovhcloud.com/csm/en-gb-api-getting-started-ovhcloud-api
+1. <https://eu.api.ovh.com/console/?section=%2Fdomain&branch=v1>
+2. <https://api.ovh.com/createToken/>
+3. <https://help.ovhcloud.com/csm/en-gb-api-getting-started-ovhcloud-api>

pkg/providers/ovh/dns.go (2)

41-43: Consider logging errors for debugging purposes.

When fetching record types fails, the error is silently ignored with continue. Consider logging these errors for better observability during debugging.

Consider adding error logging to help with debugging:

 			if err := d.client.GetWithContext(ctx, path, &ids); err != nil {
+				// Log error for debugging: unable to fetch record type %s for zone %s: %v
 				continue
 			}

---

46-48: Consider logging errors for debugging purposes.

When fetching individual records fails, the error is silently ignored with continue. Consider logging these errors for better observability during debugging.

Consider adding error logging to help with debugging:

 				if err := d.client.GetWithContext(ctx, fmt.Sprintf("/domain/zone/%s/record/%d", zone, id), &rec); err != nil {
+					// Log error for debugging: unable to fetch record %d for zone %s: %v
 					continue
 				}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a15e4f8 and 729dc95.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (5)

• PROVIDERS.md (1 hunks)
• go.mod (2 hunks)
• pkg/inventory/inventory.go (3 hunks)
• pkg/providers/ovh/dns.go (1 hunks)
• pkg/providers/ovh/ovh.go (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (3)

pkg/inventory/inventory.go (1)

pkg/providers/ovh/ovh.go (2)

• Services (15-15)
• New (24-78)

pkg/providers/ovh/ovh.go (2)

pkg/schema/schema.go (5)

• ServiceMap (251-251)
• OptionBlock (192-192)
• ErrNoSuchKey (163-165)
• Resources (39-42)
• NewResources (45-50)

pkg/inventory/inventory.go (1)

• New (37-52)

pkg/providers/ovh/dns.go (3)

pkg/schema/schema.go (3)

• Resources (39-42)
• NewResources (45-50)
• Resource (141-160)

pkg/providers/ovh/ovh.go (1)

• Provider (17-22)

pkg/schema/validate/validate.go (3)

• DNSName (72-72)
• PublicIPv4 (73-73)
• PublicIPv6 (74-74)

🪛 markdownlint-cli2 (0.17.2)

PROVIDERS.md

510-510: Bare URL used

(MD034, no-bare-urls)

---

511-511: Bare URL used

(MD034, no-bare-urls)

---

512-512: Bare URL used

(MD034, no-bare-urls)

🔇 Additional comments (7)

go.mod (2)

168-168: LGTM!

The gopkg.in/ini.v1 dependency upgrade from v1.66.6 to v1.67.0 is a minor version update that should be backward compatible.

---

217-217: LGTM!

The addition of github.com/ovh/go-ovh v1.9.0 as an indirect dependency is appropriate for the new OVH provider implementation.

pkg/inventory/inventory.go (3)

24-24: LGTM!

The import of the OVH provider package is correctly placed and follows the existing import structure.

---

74-74: LGTM!

The OVH provider is correctly registered in the Providers map with the appropriate services mapping.

---

130-131: LGTM!

The OVH provider case is correctly added to the nameToProvider switch statement, following the established pattern.

pkg/providers/ovh/ovh.go (2)

24-78: Well-structured provider initialization with proper error handling.

The New function correctly validates all required credentials, handles optional configuration with sensible defaults, and properly initializes the OVH client with appropriate timeout settings.

---

84-95: Clean resource collection implementation.

The Resources method correctly handles service-specific resource collection and properly propagates errors from the DNS provider.

[neo-by-projectdiscovery-dev]

Neo - PR Security Review

No security issues found

Highlights

• Adds OVH DNS provider with support for A, AAAA, and CNAME record enumeration
• Integrates official OVH Go SDK (github.com/ovh/go-ovh v1.9.0) for API communication
• Implements proper authentication using application_key, application_secret, and consumer_key with configurable endpoint support

Hardening Notes

• Consider adding rate limiting or retry logic with exponential backoff for OVH API calls in pkg/providers/ovh/dns.go to handle API rate limits gracefully
• Add input validation for the endpoint parameter in pkg/providers/ovh/ovh.go:44-46 to ensure it matches known OVH endpoints (ovh-eu, ovh-ca, ovh-us, etc.) and prevent potential misconfiguration

_{Comment @neo help for available commands. · Open in Neo}