cmd/devp2p: require dns:read, dns:edit permissions for cloudflare deploy #30326
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds the
dns:read
anddns:edit
permissions to the required set of permissions checked before deploying an ENR tree to Cloudflare. These permissions are necessary for a successful publish.Background:
The current logic for
devp2p dns to-cloudflare
checks forzone:edit
andzone:read
permissions. However, when running the command with only these two permissions, the following error occurs:Adding
zone:read
andzone:edit
to the API token led to a different error:This suggested that additional permissions were required. I added
dns:read
, but encountered another error:Finally, after adding both
dns:read
anddns:edit
permissions, the command executed successfully with the following output:With this PR, the required permissions for deploying an ENR tree to Cloudflare now include
zone:read
,zone:edit
,dns:read
, anddns:edit
. The initial check now includes all of the necessary permissions and indicates in the error message which permissions are missing: