From 29fb90f1d122b9680eff311f607d8d98f11c32ea Mon Sep 17 00:00:00 2001
From: Carl Brumm <26975605+c-e-brumm@users.noreply.github.com>
Date: Tue, 22 Oct 2019 14:20:01 -0700
Subject: [PATCH] adding dynamic route53 action setting, returning error if a
 bad action is passed, and checking for raised error

---
 pkg/awsclient/client.go                  | 17 +++++++++++++----
 pkg/controller/certificaterequest/dns.go |  5 ++++-
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/pkg/awsclient/client.go b/pkg/awsclient/client.go
index 92955a2be..112332fb6 100644
--- a/pkg/awsclient/client.go
+++ b/pkg/awsclient/client.go
@@ -108,9 +108,18 @@ func BuildR53Input(hostedZone string) *route53.ChangeResourceRecordSetsInput {
 
 // CreateR53TXTRecordChange creates an route53 Change object for a TXT record with a given name
 // and a given action to take.
-func CreateR53TXTRecordChange(name *string, action string, value *string) route53.Change {
-	change := route53.Change{
-		Action: aws.String(route53.ChangeActionDelete),
+func CreateR53TXTRecordChange(name *string, action string, value *string) (change route53.Change, err error) {
+	if strings.EqualFold("DELETE", action) {
+		action = route53.ChangeActionDelete
+	} else if strings.EqualFold("CREATE", action) {
+		action = route53.ChangeActionCreate
+	} else if strings.EqualFold("UPSERT", action) {
+		action = route53.ChangeActionUpsert
+	} else {
+		return change, fmt.Errorf("Invaild record action passed %v. Must be DELETE, CREATE, or UPSERT", action)
+	}
+	change = route53.Change{
+		Action: aws.String(action),
 		ResourceRecordSet: &route53.ResourceRecordSet{
 			Name: aws.String(*name),
 			ResourceRecords: []*route53.ResourceRecord{
@@ -122,7 +131,7 @@ func CreateR53TXTRecordChange(name *string, action string, value *string) route5
 			Type: aws.String(route53.RRTypeTxt),
 		},
 	}
-	return change
+	return change, nil
 }
 
 // NewClient returns an awsclient.Client object to the caller. If NewClient is passed a non-null
diff --git a/pkg/controller/certificaterequest/dns.go b/pkg/controller/certificaterequest/dns.go
index 98a82aecb..8ee7faaed 100644
--- a/pkg/controller/certificaterequest/dns.go
+++ b/pkg/controller/certificaterequest/dns.go
@@ -312,7 +312,10 @@ func (r *ReconcileCertificateRequest) DeleteAllAcmeChallengeResourceRecords(reqL
 	input := awsclient.BuildR53Input(*hostedzone.Id)
 	for _, record := range listRecordSets.ResourceRecordSets {
 		if strings.Contains(*record.Name, acmeChallengeSubDomain) {
-			change := awsclient.CreateR53TXTRecordChange(record.Name, route53.ChangeActionDelete, record.ResourceRecords[0].Value)
+			change, err := awsclient.CreateR53TXTRecordChange(record.Name, route53.ChangeActionDelete, record.ResourceRecords[0].Value)
+			if err != nil {
+				reqLogger.Error(err, "Error creating record change object")
+			}
 			input.ChangeBatch.Changes = append(input.ChangeBatch.Changes, &change)
 		}
 	}