Updates

- Move quickstart from `utils` to `quickstart`
- Update quickstart script to add more container manipulation
- Move API functional tests back under `modules/api`
- Move build-related scripts to `build/` directory
- Add quickstart containers that can run the local version of the code

.dockerignore

@@ -13,3 +13,4 @@
 **/.github
 **/_template
 img/
+**/.env

.github/workflows/ci.yml

@@ -1,11 +1,10 @@
-# Much copied from sbt-github-actions, modified to support running e2e tests
 name: Continuous Integration
 
 on:
   pull_request:
-    branches: ['*']
+    branches: [ '*' ]
   push:
-    branches: ['master','main']
+    branches: [ 'master','main' ]
 
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -13,131 +12,20 @@ env:
 jobs:
   build:
     name: Build and Test
+    runs-on: ubuntu-latest
     if: "!contains(github.event.head_commit.message, 'ci skip')"
-    strategy:
+
-      matrix:
-        os: [ubuntu-latest]
-        scala: [2.12.10]
-        java: [adopt@1.11]
-    runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout current branch (full)
         uses: actions/checkout@v2
         with:
           fetch-depth: 0
 
-      - name: Setup Java and Scala
+      - name: Import Content Trust Key
-        uses: olafurpg/setup-scala@v10
+        run: cd build/ && ./assemble_api.jar.sh && ./prepare_release.sh
-        env:
+        shell: bash
-          ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'
-        with:
-          java-version: ${{ matrix.java }}
-
-      - name: Cache ivy2
-        uses: actions/cache@v1
-        with:
-          path: ~/.ivy2/cache
-          key: ${{ runner.os }}-sbt-ivy-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache coursier (generic)
-        uses: actions/cache@v1
-        with:
-          path: ~/.coursier/cache/v1
-          key: ${{ runner.os }}-generic-sbt-coursier-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache coursier (linux)
-        if: contains(runner.os, 'linux')
-        uses: actions/cache@v1
-        with:
-          path: ~/.cache/coursier/v1
-          key: ${{ runner.os }}-sbt-coursier-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache coursier (macOS)
-        if: contains(runner.os, 'macos')
-        uses: actions/cache@v1
-        with:
-          path: ~/Library/Caches/Coursier/v1
-          key: ${{ runner.os }}-sbt-coursier-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache coursier (windows)
-        if: contains(runner.os, 'windows')
-        uses: actions/cache@v1
-        with:
-          path: ~/AppData/Local/Coursier/Cache/v1
-          key: ${{ runner.os }}-sbt-coursier-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache sbt
-        uses: actions/cache@v1
-        with:
-          path: ~/.sbt
-          key: ${{ runner.os }}-sbt-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - run: sbt ++${{ matrix.scala }} validate verify
 
       - name: Codecov
         uses: codecov/codecov-action@v1
         with:
           fail_ci_if_error: true # optional (default = false)
-
-  func:
-    name: Func Test
-    if: "!contains(github.event.head_commit.message, 'ci skip')"
-    strategy:
-      matrix:
-        os: [ubuntu-latest]
-        scala: [2.12.10]
-        java: [adopt@1.11]
-    runs-on: ${{ matrix.os }}
-    steps:
-      - name: Checkout current branch (full)
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-
-      - name: Setup Java and Scala
-        uses: olafurpg/setup-scala@v10
-        env:
-          ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'
-        with:
-          java-version: ${{ matrix.java }}
-
-      - name: Cache ivy2
-        uses: actions/cache@v1
-        with:
-          path: ~/.ivy2/cache
-          key: ${{ runner.os }}-sbt-ivy-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache coursier (generic)
-        uses: actions/cache@v1
-        with:
-          path: ~/.coursier/cache/v1
-          key: ${{ runner.os }}-generic-sbt-coursier-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache coursier (linux)
-        if: contains(runner.os, 'linux')
-        uses: actions/cache@v1
-        with:
-          path: ~/.cache/coursier/v1
-          key: ${{ runner.os }}-sbt-coursier-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache coursier (macOS)
-        if: contains(runner.os, 'macos')
-        uses: actions/cache@v1
-        with:
-          path: ~/Library/Caches/Coursier/v1
-          key: ${{ runner.os }}-sbt-coursier-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache coursier (windows)
-        if: contains(runner.os, 'windows')
-        uses: actions/cache@v1
-        with:
-          path: ~/AppData/Local/Coursier/Cache/v1
-          key: ${{ runner.os }}-sbt-coursier-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-
-      - name: Cache sbt
-        uses: actions/cache@v1
-        with:
-          path: ~/.sbt
-          key: ${{ runner.os }}-sbt-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
-      - name: Func tests
-        run: ./utils/func-test-portal.sh && ./utils/func-test-api.sh

DEVELOPER_GUIDE.md

@@ -66,11 +66,9 @@ The API is the RESTful API for interacting with VinylDNS. The following technolo
 * [Akka HTTP](https://doc.akka.io/docs/akka-http/current/) - Used primarily for REST and HTTP calls.
 * [FS2](https://functional-streams-for-scala.github.io/fs2/) - Used for backend change processing off of message queues.
   FS2 has back-pressure built in, and gives us tools like throttling and concurrency.
-* [Cats Effect](https://typelevel.org/cats-effect/) - We are currently migrating away from `Future` as our primary type
+* [Cats Effect](https://typelevel.org/cats-effect/) - A replacement of `Future` with the `IO` monad
-  and towards cats effect IO. Hopefully, one day, all the things will be using IO.
 * [Cats](https://typelevel.org/cats) - Used for functional programming.
-* [PureConfig](https://pureconfig.github.io/) - For loading configuration values. We are currently migrating to use
+* [PureConfig](https://pureconfig.github.io/) - For loading configuration values.
-  PureConfig everywhere. Not all the places use it yet.
 
 The API has the following dependencies:
 
@@ -137,7 +135,7 @@ settings for the microsite are also configured in `build.sbt` of the project roo
 #### Code Layout
 
 * `src/main/resources` - Microsite resources and configurations
-* `src/main/tut` - Content for microsite web pages
+* `src/main/mdoc` - Content for microsite web pages
 
 ## Running VinylDNS Locally
 
@@ -168,10 +166,11 @@ configuration.
 
 ### Starting the Portal
 
-To run the portal locally, you _first_ have to start up the VinylDNS API Server:
+To run the portal locally, you _first_ have to start up the VinylDNS API Server. This can be done by following the
+instructions for [Staring the API Server](#Starting the API Server) or by using the QuickStart:
 
 ```
-utils/quickstart-vinyldns.sh
+quickstart/quickstart-vinyldns.sh --api-only
 ```
 
 Once that is done, in the same `sbt` session or a different one, go to `project portal` and then
@@ -333,4 +332,4 @@ zone_id = shared_zone_test_context.ok_zone["id"]
 
 When functional tests are run, we spin up several Docker containers. One of the Docker containers is a Bind9 DNS server.
 If you need to add or modify the test DNS zone files, you can find them in
-`docker/bind9/zones`
+`quickstart/bind9/zones`

MAINTAINERS.md

@@ -19,14 +19,12 @@ the [vinyldns organization](https://hub.docker.com/u/vinyldns/dashboard/). Namel
 
 * vinyldns/api: images for vinyldns core api engine 
 * vinyldns/portal: images for vinyldns web client
-* vinyldns/bind9: images for local DNS server used for testing 
 
 The offline root key and repository keys are managed by the core maintainer team. The keys managed are:
 
 * root key: also known as the offline key, used to create the separate repository signing keys
 * api key: used to sign tagged images in vinyldns/api
 * portal key: used to sign tagged images in vinyldns/portal
-* bind9 key: used to sign tagged images in the vinyldns/bind9
 
 These keys are named in a <hash>.key format, e.g. 5526ecd15bd413e08718e66c440d17a28968d5cd2922b59a17510da802ca6572.key,
 do not change the names of the keys. 

README.md

@@ -48,44 +48,76 @@ To start up a local instance of VinylDNS on your machine with docker:
 1. Ensure that you have [docker](https://docs.docker.com/install/) and [docker-compose](https://docs.docker.com/compose/install/)
 1. Clone the repo: `git clone https://github.com/vinyldns/vinyldns.git`
 1. Navigate to repo: `cd vinyldns`
-1. Run `./utils/quickstart-vinyldns.sh`. This will start up the api at `localhost:9000` and the portal at `localhost:9001`
+1. Run `./quickstart/quickstart-vinyldns.sh`. This will start up the api at `localhost:9000` and the portal
+   at `localhost:9001`
 1. See [Developer Guide](DEVELOPER_GUIDE.md#loading-test-data) for how to load a test DNS zone
 1. To stop the local setup, run `./utils/clean-vinyldns-containers.sh`.
 
-There exist several clients at <https://github.com/vinyldns> that can be used to make API requests, using the endpoint `http://localhost:9000`
+There exist several clients at <https://github.com/vinyldns> that can be used to make API requests, using the
+endpoint `http://localhost:9000`
 
 ## Things to try in the portal
+
 1. View the portal at <http://localhost:9001> in a web browser
-1. Login with the credentials `testuser` and `testpassword`
+2. Login with the credentials `professor` and `professor`
-1. Navigate to the `groups` tab: <http://localhost:9001/groups>
+3. Navigate to the `groups` tab: <http://localhost:9001/groups>
-1. Click on the **New Group** button and create a new group, the group id is the uuid in the url after you view the group
+4. Click on the **New Group** button and create a new group, the group id is the uuid in the url after you view the
-1. View zones you connected to in the `zones` tab: <http://localhost:9001/zones>.  For a quick test, create a new zone named "ok" with an email of "test@test.com" and choose a group you created from the previous step. (Note, see [Developer Guide](DEVELOPER_GUIDE.md#loading-test-data) for creating a zone)
+   group
-1. You will see that some records are preloaded in the zoned already, this is because these records are preloaded in the local docker DNS server 
+5. View zones you connected to in the `zones` tab: <http://localhost:9001/zones>. For a quick test, create a new zone
-and VinylDNS automatically syncs records with the backend DNS server upon zone connection
+   named `ok` with an email of `test@test.com` and choose a group you created from the previous step. (Note,
-1. From here, you can create DNS record sets in the **Manage Records** tab, and manage zone settings and ***ACL rules***
+   see [Developer Guide](DEVELOPER_GUIDE.md#loading-test-data) for creating a zone)
-in the **Manage Zone** tab
+6. You will see that some records are preloaded in the zoned already, this is because these records are preloaded in the
-1. To try creating a DNS record, click on the **Create Record Set** button under Records, `Record Type = A, Record Name = my-test-a,
+   local docker DNS server and VinylDNS automatically syncs records with the backend DNS server upon zone connection
-TTL = 300, IP Addressess = 1.1.1.1`
+7. From here, you can create DNS record sets in the **Manage Records** tab, and manage zone settings and ***ACL rules***
-1. Click on the **Refresh** button under Records, you should see your new record created
+   in the **Manage Zone** tab
+8. To try creating a DNS record, click on the **Create Record Set** button under
+   Records, `Record Type = A, Record Name = my-test-a, TTL = 300, IP Addressess = 1.1.1.1`
+9. Click on the **Refresh** button under Records, you should see your new record created
+
+### Verifying Your Changes
+
+VinylDNS will synchronize with the DNS backend. For the Quickstart this should be running on port `19001` on `localhost`.
+
+To verify your changes, you can use a DNS resolution utility like `dig`
+
+```bash
+$ dig @127.0.0.1 -p 19001 +short my-test-a.ok
+1.1.1.1
+```
+
+This tells `dig` to use `127.0.0.1` as the resolver on port `19001`. The `+short` just makes the output a bit less
+verbose. Finally, the record we're looking up is `my-test-a.ok`. You can see the returned output of `1.1.1.1` matches
+the record data we entered.
 
 ## Other things to note
-1. Upon connecting to a zone for the first time, a zone sync is executed to provide VinylDNS a copy of the records in the zone
+
-1. Changes made via VinylDNS are made against the DNS backend, you do not need to sync the zone further to push those changes out
+1. Upon connecting to a zone for the first time, a zone sync is executed to provide VinylDNS a copy of the records in
-1. If changes to the zone are made outside of VinylDNS, then the zone will have to be re-synced to give VinylDNS a copy of those records
+   the zone
-1. If you wish to modify the url used in the creation process from `http://localhost:9000`, to say `http://vinyldns.yourdomain.com:9000`, you can modify the `utils/.env` file before execution.
+1. Changes made via VinylDNS are made against the DNS backend, you do not need to sync the zone further to push those
-1. A similar `docker/.env.quickstart` can be modified to change the default ports for the Portal and API. You must also modify their config files with the new port: https://www.vinyldns.io/operator/config-portal & https://www.vinyldns.io/operator/config-api
+   changes out
+1. If changes to the zone are made outside of VinylDNS, then the zone will have to be re-synced to give VinylDNS a copy
+   of those records
+1. If you wish to modify the url used in the creation process from `http://localhost:9000`, to
+   say `http://vinyldns.yourdomain.com:9000`, you can modify the `quickstart/.env` file before execution.
+1. Further configuration can be ac https://www.vinyldns.io/operator/config-portal
+   & https://www.vinyldns.io/operator/config-api
 
 ## Code of Conduct
-This project, and everyone participating in it, are governed by the [VinylDNS Code Of Conduct](CODE_OF_CONDUCT.md).  By
+
-participating, you agree to this Code.  Please report any violations to the code of conduct to vinyldns-core@googlegroups.com.
+This project, and everyone participating in it, are governed by the [VinylDNS Code Of Conduct](CODE_OF_CONDUCT.md). By
+participating, you agree to this Code. Please report any violations to the code of conduct to
+vinyldns-core@googlegroups.com.
 
 ## Developer Guide
+
 See [DEVELOPER_GUIDE.md](DEVELOPER_GUIDE.md) for instructions on setting up VinylDNS locally.
 
 ## Contributing
+
 See the [Contributing Guide](CONTRIBUTING.md).
 
 ## Contact
+
 - If you have any security concerns please contact the maintainers directly vinyldns-core@googlegroups.com
 
 ## Maintainers and Contributors

build/README.md

@@ -1,80 +1,14 @@
-## Building VinylDNS
+# Build
 
-This folder contains scripts and everything you need to build and test VinylDNS from your own machine.
+This folder contains scripts for building VinylDNS and it's related artifacts.
 
-## Pre-requisites
+| Path |Description |
+| --- | --- |
+|`assemble_api_jar.sh` | Builds the VinylDNS API jar file. You can find the resulting `jar` file in `assembly/`.|
+|`deep_clean.sh` | Removes all of the build artifacts and all `target/` directories recursively.|
+| `func-test-api.sh` | Runs the functional tests for the API| 
+| `func-test-portal.sh` | Runs the functional tests for the Portal| 
+| `prepare_release.sh` | Runs all of the tests in preparation for a release|
+| `verify.sh` | Runs all of the unit and integration tests|
 
-- `docker` - you will need docker and docker-compose installed locally
 
-## Local Build and Test
-
-1. `./docker-release.sh --clean`
-1. Open up `version.sbt` in the root to know the directory (or capture in the script output)
-1. Once complete, run a test `./start.sh --version 0.9.4-SNAPSHOT` (replace 0.9.4 with the value in version.sbt).
-1. Login to the portal at http://localhost:9001 to verify everything looks good
-1. Run `./stop.sh` to bring everything down
-
-### Release Process
-
-1. If you are using image signing / docker notary, be sure you set the environment variable `export DOCKER_CONTENT_TRUST=1`.  
-Whether you sign or not is up to your organization.  You need to have notary setup to be able to sign properly.
-1. Be sure to login to your docker registry, typically done by `docker login` in the terminal you will release from.
-1. The actual version number is pulled from the local `version.sbt` based on the branch specified (defaults to master)
-1. Run `./docker-release.sh --push --clean --tag [your tag here] --branch [your branch here]`
-    1. typically the `tag` is a build number that you maintain, for example a build number in Jenkins.  Using this field is recommended.  This value will be appended to the generated version as `-b[TAG]`; for example `0.9.4-b123` if using `123` for the tag.
-    1. the `branch` defaults to `master` if not specified, you can choose any branch or tag from https://github.com/vinyldns/vinyldns
-1. The version generated will be whatever the version is in the `version.sbt` on the `branch` specified (defaults to master)
-1. Each of the images are built using the branch specified and the correct version
-1. The func tests are run with only smoke tests against the API image to verify it is working
-1. If everything passes, and the user specifies `--push`, the images are tagged and released to the docker repository (defaults to docker hub)
-
-### Release Script
-Does a clean build off of remote master and tags it with 
-`./docker-release.sh --clean --push --tag 123`
-
-The release script is used for doing a release.  It takes the following parameters:
-
-- `-b | --branch [BRANCH]` - what branch to pull from, can be any PR branch or a tag like `v0.9.3`, defaults to `master`
-- `-c | --clean` - a flag that indicates to perform a build.  If omitted, the release script will look for a 
-pre-built image locally
-- `-p | --push` - a flag that indicates to push to the remote docker registry.  The default docker registry 
-is `docker.io`
-- `-r | --repository [REPOSITORY]` - a URL to your docker registry, defaults to `docker.io`
-- `-t | --tag [TAG]` - a build qualifer for this build.  For example, pass in the build number for your 
-continuous integration tool
-- `-v | --version [VERSION]` - overrides the version calculation and forces the version passed in.  Used primarily for official releases
-
-## Docker Images
-
-The build will generate several VinylDNS docker images that are used to deploy into any environment VinylDNS
-
-- `vinyldns/api` - this is the heart of the VinylDNS system, the backend API
-- `vinyldns/portal` - the VinylDNS web UI
-
-### vinyldns/api
-
-The default build for vinyldns api assumes an **ALL MYSQL** installation. 
-
-**Environment Variables**
-- `VINYLDNS_VERSION` - this is the version of VinylDNS the API is running, typically you will not set this as 
-it is set as part of the container build
-
-**Volumes**
-- `/opt/docker/conf/` - if you need to have your own application config file.  This is **MANDATORY** for
-any production environments.  Typically, you will add your own `application.conf` file in here with your settings.
-- `/opt/docker/lib_extra/` - if you need to have additional jar files available to your VinylDNS instance.
-Rarely used, but if you want to bring your own message queue or database you can put the `jar` files there
-
-### vinyldns/portal
-
-The default build for vinyldns portal assumes an **ALL MYSQL** installation.
-
-**Environment Variables**
-- `VINYLDNS_VERSION` - this is the version of VinylDNS the API is running, typically you will not set this as 
-it is set as part of the container build
-
-**Volumes**
-- `/opt/docker/conf/` - if you need to have your own application config file.  This is **MANDATORY** for
-any production environments.  Typically, you will add your own `application.conf` file in here with your settings.
-- `/opt/docker/lib_extra/` - if you need to have additional jar files available to your VinylDNS instance.
-Rarely used, but if you want to bring your own message queue or database you can put the `jar` files there

build/assemble_api_jar.sh

@@ -0,0 +1,48 @@
+#!/usr/bin/env bash
+#
+# This script will build the vinyldns.jar file using Docker. The file will
+# be placed in the configured location (currently `assembly/` off of the root)
+#
+set -euo pipefail
+
+DIR=$(
+  cd "$(dirname "$0")"
+  pwd -P
+)
+
+usage() {
+  echo "USAGE: assemble_jar.sh [options]"
+  echo -e "\t-n, --no-clean         do no perform a clean before assembling the jar"
+  echo -e "\t-u, --update           update the underlying docker image"
+}
+
+SKIP_CLEAN=0
+UPDATE_DOCKER=0
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+  --no-clean | -n)
+    SKIP_CLEAN=1
+    shift
+    ;;
+  --update | -u)
+    UPDATE_DOCKER=1
+    shift
+    ;;
+  *)
+    usage
+    exit 1
+    ;;
+  esac
+done
+
+if ! [[ $SKIP_CLEAN -eq 1 ]]; then
+  "${DIR}/deep_clean.sh"
+fi
+
+if [[ $UPDATE_DOCKER -eq 1 ]]; then
+    echo "Pulling latest version of 'vinyldns/build:base-test-integration'"
+    docker pull vinyldns/build:base-test-integration
+fi
+
+echo "Building VinylDNS API jar file"
+docker run -it --rm -e RUN_SERVICES=none -v "${DIR}/..:/build" vinyldns/build:base-test-integration -- sbt 'api/assembly'

build/deep_clean.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+#
+# This script will delete all target/ directories and the assembly/ directory
+#
+set -euo pipefail
+DIR=$(
+  cd "$(dirname "$0")"
+  pwd -P
+)
+
+echo "Performing deep clean"
+find "${DIR}/.." -type d -name target -o -name assembly | while read -r p; do if [ -d "$p" ]; then
+  echo -n "Removing $p.."
+  rm -r "$p" || (echo -e "\e[93mError deleting $p, you may need to be root\e[0m"; exit 1)
+  echo "done."
+fi; done

build/docker/.env

@@ -0,0 +1,17 @@
+REST_PORT=9000
+
+# portal settings
+PORTAL_PORT=9001
+PLAY_HTTP_SECRET_KEY=change-this-for-prod
+VINYLDNS_BACKEND_URL=http://vinyldns-integration:9000
+
+SQS_ENDPOINT=http://vinyldns-integration:19003
+MYSQL_ENDPOINT=vinyldns-integration:19002
+TEST_LOGIN=true
+
+JDBC_DRIVER=org.mariadb.jdbc.Driver
+JDBC_URL=jdbc:mariadb://vinyldns-integration:19002/vinyldns?user=root&password=pass
+JDBC_MIGRATION_URL=jdbc:mariadb://vinyldns-integration:19002/?user=root&password=pass
+JDBC_USER=root
+JDBC_PASSWORD=pass
+DEFAULT_DNS_ADDRESS=127.0.0.1:19001

build/docker/README.md

@@ -0,0 +1,80 @@
+## Building VinylDNS
+
+This folder contains scripts and everything you need to build and test VinylDNS from your own machine.
+
+## Pre-requisites
+
+- `docker` - you will need docker and docker-compose installed locally
+
+## Local Build and Test
+
+1. `./docker-release.sh --clean`
+1. Open up `version.sbt` in the root to know the directory (or capture in the script output)
+1. Once complete, run a test `./start.sh --version 0.9.4-SNAPSHOT` (replace 0.9.4 with the value in version.sbt).
+1. Login to the portal at http://localhost:9001 to verify everything looks good
+1. Run `./stop.sh` to bring everything down
+
+### Release Process
+
+1. If you are using image signing / docker notary, be sure you set the environment variable `export DOCKER_CONTENT_TRUST=1`.  
+Whether you sign or not is up to your organization.  You need to have notary setup to be able to sign properly.
+1. Be sure to login to your docker registry, typically done by `docker login` in the terminal you will release from.
+1. The actual version number is pulled from the local `version.sbt` based on the branch specified (defaults to master)
+1. Run `./docker-release.sh --push --clean --tag [your tag here] --branch [your branch here]`
+    1. typically the `tag` is a build number that you maintain, for example a build number in Jenkins.  Using this field is recommended.  This value will be appended to the generated version as `-b[TAG]`; for example `0.9.4-b123` if using `123` for the tag.
+    1. the `branch` defaults to `master` if not specified, you can choose any branch or tag from https://github.com/vinyldns/vinyldns
+1. The version generated will be whatever the version is in the `version.sbt` on the `branch` specified (defaults to master)
+1. Each of the images are built using the branch specified and the correct version
+1. The func tests are run with only smoke tests against the API image to verify it is working
+1. If everything passes, and the user specifies `--push`, the images are tagged and released to the docker repository (defaults to docker hub)
+
+### Release Script
+Does a clean build off of remote master and tags it with 
+`./docker-release.sh --clean --push --tag 123`
+
+The release script is used for doing a release.  It takes the following parameters:
+
+- `-b | --branch [BRANCH]` - what branch to pull from, can be any PR branch or a tag like `v0.9.3`, defaults to `master`
+- `-c | --clean` - a flag that indicates to perform a build.  If omitted, the release script will look for a 
+pre-built image locally
+- `-p | --push` - a flag that indicates to push to the remote docker registry.  The default docker registry 
+is `docker.io`
+- `-r | --repository [REPOSITORY]` - a URL to your docker registry, defaults to `docker.io`
+- `-t | --tag [TAG]` - a build qualifer for this build.  For example, pass in the build number for your 
+continuous integration tool
+- `-v | --version [VERSION]` - overrides the version calculation and forces the version passed in.  Used primarily for official releases
+
+## Docker Images
+
+The build will generate several VinylDNS docker images that are used to deploy into any environment VinylDNS
+
+- `vinyldns/api` - this is the heart of the VinylDNS system, the backend API
+- `vinyldns/portal` - the VinylDNS web UI
+
+### vinyldns/api
+
+The default build for vinyldns api assumes an **ALL MYSQL** installation. 
+
+**Environment Variables**
+- `VINYLDNS_VERSION` - this is the version of VinylDNS the API is running, typically you will not set this as 
+it is set as part of the container build
+
+**Volumes**
+- `/opt/docker/conf/` - if you need to have your own application config file.  This is **MANDATORY** for
+any production environments.  Typically, you will add your own `application.conf` file in here with your settings.
+- `/opt/docker/lib_extra/` - if you need to have additional jar files available to your VinylDNS instance.
+Rarely used, but if you want to bring your own message queue or database you can put the `jar` files there
+
+### vinyldns/portal
+
+The default build for vinyldns portal assumes an **ALL MYSQL** installation.
+
+**Environment Variables**
+- `VINYLDNS_VERSION` - this is the version of VinylDNS the API is running, typically you will not set this as 
+it is set as part of the container build
+
+**Volumes**
+- `/opt/docker/conf/` - if you need to have your own application config file.  This is **MANDATORY** for
+any production environments.  Typically, you will add your own `application.conf` file in here with your settings.
+- `/opt/docker/lib_extra/` - if you need to have additional jar files available to your VinylDNS instance.
+Rarely used, but if you want to bring your own message queue or database you can put the `jar` files there

build/docker/api/application.conf

@@ -152,7 +152,6 @@ vinyldns {
       "high-value-domain.*" # for testing
     ]
     ip-list = [
-      # using reverse zones in the vinyldns/bind9 docker image for testing
       "192.0.2.252",
       "192.0.2.253",
       "fd69:27cc:fe91:0:0:0:0:ffff",

build/docker/docker-compose.yml

@@ -1,28 +1,5 @@
 version: "3.0"
 services:
-  mysql:
-    image: "mysql:5.7"
-    container_name: "vinyldns-mysql"
-    environment:
-      MYSQL_ROOT_PASSWORD: 'pass'
-      MYSQL_ROOT_HOST: '%'
-    logging:
-      driver: none
-    ports:
-      - "19002:3306"
-
-  bind9:
-    build:
-      context: ./test-bind9
-      args:
-          BRANCH: master
-    image: "vinyldns/test-bind9:${VINYLDNS_VERSION}"
-    container_name: "vinyldns-bind9"
-    logging:
-      driver: none
-    ports:
-      - "19001:53/udp"
-      - "19001:53"
 
   api:
     build:
@@ -40,13 +17,28 @@ services:
       - ./api/application.conf:/opt/docker/conf/application.conf
       - ./api/logback.xml:/opt/docker/conf/logback.xml
     depends_on:
-      - mysql
+      - integration
 
   ldap:
-    image: rroemhild/test-openldap
     container_name: "vinyldns-ldap"
+    image: vinyldns/build:openldap
     ports:
-      - "19008:389"
+      - "19004:19004"
+
+  integration:
+    container_name: "vinyldns-api-integration"
+    hostname: "vinyldns-integration"
+    image: "vinyldns-api-integration"
+    build:
+      context: ../
+      dockerfile: test/api/integration/Dockerfile
+    environment:
+      RUN_SERVICES: "deps-only tail-logs"
+    env_file:
+      .env
+    ports:
+      - "19001-19003:19001-19003/tcp"
+      - "19001:19001/udp"
 
   portal:
     build:
@@ -65,13 +57,3 @@ services:
     depends_on:
       - api
       - ldap
-
-  functest:
-    build:
-      context: ./test
-    image: "vinyldns/test:${VINYLDNS_VERSION}"
-    environment:
-      TEST_PATTERN: "test_verify_production"
-    container_name: "vinyldns-functest"
-    depends_on:
-      - api

build/docker/docker-release.sh

@@ -95,7 +95,7 @@ export VINYLDNS_VERSION=$VINYLDNS_VERSION
 echo "VINYLDNS VERSION BEING RELEASED IS $VINYLDNS_VERSION"
 
 if [ $DO_BUILD -eq 1 ]; then
-  docker-compose -f $CURDIR/docker/docker-compose.yml build \
+  docker-compose -f "${CURDIR}/docker-compose.yml" build \
     --no-cache \
     --parallel \
     --build-arg VINYLDNS_VERSION="${VINYLDNS_VERSION}" \
@@ -103,7 +103,7 @@ if [ $DO_BUILD -eq 1 ]; then
 
   if [ $? -eq 0 ]; then
     # Runs smoke tests to make sure the new images are sound
-    docker-compose -f $CURDIR/docker/docker-compose.yml --log-level ERROR up --exit-code-from functest
+    docker-compose -f "${CURDIR}/docker-compose.yml" --log-level ERROR up --exit-code-from functest
   fi
 
   if [ $? -eq 0 ]; then

build/docker/start.sh

@@ -10,19 +10,16 @@ function usage() {
 }
 
 function wait_for_url() {
-  URL=$1
+  echo -n "Checking ${URL}..."
-  DATA=""
+  RETRY="$TIMEOUT"
-  RETRY="60"
-  echo "pinging $URL ..."
   while [ "$RETRY" -gt 0 ]; do
-    DATA=$(curl -I -s "${URL}" -o /dev/null -w "%{http_code}")
+    if curl -I -s "${URL}" -o /dev/null -w "%{http_code}" &>/dev/null || false; then
-    if [ $? -eq 0 ]; then
       echo "Succeeded in connecting to ${URL}!"
       break
     else
-      echo "Retrying" >&2
+      echo -n "."
 
-      let RETRY-=1
+      ((RETRY -= 1))
       sleep 1
 
       if [ "$RETRY" -eq 0 ]; then
@@ -58,7 +55,7 @@ else
 fi
 
 # Actually starts up our docker images
-docker-compose -f $CURDIR/docker/docker-compose.yml up --no-build -d api portal
+docker-compose -f "${CURDIR}/docker/docker-compose.yml" up --no-build -d api portal
 
 # Waits for the URL to be available
 wait_for_url "http://localhost:9001"
@@ -68,6 +65,6 @@ if [ $? -eq 0 ]; then
   exit 0
 else
   echo "VinylDNS startup failed!"
-  $CURDIR/stop.sh
+  "${CURDIR}/stop.sh"
   exit 1
 fi

build/docker/test-bind9/Dockerfile

@@ -1,11 +0,0 @@
-FROM alpine/git:1.0.7 as gitcheckout
-
-ARG BRANCH=master
-
-RUN git clone -b ${BRANCH} --single-branch --depth 1 https://github.com/vinyldns/vinyldns.git /vinyldns
-
-FROM vinyldns/bind9:0.0.5
-
-COPY --from=gitcheckout /vinyldns/docker/bind9/zones/* /var/cache/bind/zones/
-
-COPY --from=gitcheckout /vinyldns/docker/bind9/etc/named.conf.local /var/cache/bind/config

build/func-test-api.sh

@@ -1,4 +1,7 @@
 #!/usr/bin/env bash
+#
+# This script will perform the functional tests for the API using Docker
+#
 set -euo pipefail
 
 DIR=$(cd -P -- "$(dirname -- "$0")" && pwd -P)

build/func-test-portal.sh

@@ -1,4 +1,7 @@
 #!/usr/bin/env bash
+#
+# This script will perform the functional tests for the Portal using Docker
+#
 set -euo pipefail
 
 DIR=$(cd -P -- "$(dirname -- "$0")" && pwd -P)

build/prepare_release.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+set -euo pipefail
+DIR=$(cd -P -- "$(dirname -- "$0")" && pwd -P)
+
+source "${DIR}/../utils/includes/terminal_colors.sh"
+
+if [ ! -d "${DIR}/../assembly" ] || [ ! -f "${DIR}/../assembly/vinyldns.jar" ]; then
+  echo -e "${F_YELLOW}Warning:${F_RESET} you might want to run 'build/assemble_api_jar.sh' first to improve performance"
+fi
+
+echo "Running unit and integration tests..."
+if ! "${DIR}/verify.sh"; then
+  echo "Error running unit and integration tests."
+  exit 1
+fi
+
+echo "Running API functional tests..."
+if ! "${DIR}/func-test-api.sh"; then
+  echo "Error running API functional tests"
+  exit 1
+fi
+
+echo "Running Portal functional tests..."
+if ! "${DIR}/func-test-portal.sh"; then
+  echo "Error running Portal functional tests"
+  exit 1
+fi

build/verify.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+DIR=$(cd -P -- "$(dirname -- "$0")" && pwd -P)
+
+cd "$DIR/../test/api/integration"
+make build && make run WITH_ARGS="bash -c \"sbt ';validate' && sbt ';verify'\""

modules/api/src/it/resources/application.conf

@@ -66,7 +66,6 @@ vinyldns {
       "high-value-domain.*" # for testing
     ]
     ip-list = [
-      # using reverse zones in the vinyldns/bind9 docker image for testing
       "192.0.2.252",
       "192.0.2.253",
       "fd69:27cc:fe91:0:0:0:0:ffff",

modules/api/src/main/resources/application.conf

@@ -41,7 +41,7 @@ vinyldns {
       access-key = "x"
       secret-key = "x"
     }
-  }  
+  }
   data-stores = ["mysql"]
 
   mysql {
@@ -105,7 +105,6 @@ vinyldns {
       "high-value-domain.*" # for testing
     ]
     ip-list = [
-      # using reverse zones in the vinyldns/bind9 docker image for testing
       "192.0.2.252",
       "192.0.2.253",
       "fd69:27cc:fe91:0:0:0:0:ffff",

modules/api/src/test/resources/application.conf

@@ -33,7 +33,6 @@ vinyldns {
       "high-value-domain.*" # for testing
     ]
     ip-list = [
-      # using reverse zones in the vinyldns/bind9 docker image for testing
       "192.0.2.252",
       "192.0.2.253",
       "fd69:27cc:fe91:0:0:0:0:ffff",

modules/api/src/test/scala/vinyldns/api/ResultHelpers.scala

@@ -35,13 +35,13 @@ trait ResultHelpers {
   private implicit val cs: ContextShift[IO] =
     IO.contextShift(scala.concurrent.ExecutionContext.global)
 
-  def await[T](f: => IO[_], duration: FiniteDuration = 1.second): T =
+  def await[T](f: => IO[_], duration: FiniteDuration = 60.seconds): T =
     awaitResultOf[T](f.map(_.asInstanceOf[T]).attempt, duration).toOption.get
 
   // Waits for the future to complete, then returns the value as an Either[Throwable, T]
   def awaitResultOf[T](
       f: => IO[Either[Throwable, T]],
-      duration: FiniteDuration = 1.second
+      duration: FiniteDuration = 60.seconds
   ): Either[Throwable, T] = {
 
     val timeOut = IO.sleep(duration) *> IO(
@@ -55,7 +55,7 @@ trait ResultHelpers {
   }
 
   // Assumes that the result of the future operation will be successful, this will fail on a left disjunction
-  def rightResultOf[T](f: => IO[Either[Throwable, T]], duration: FiniteDuration = 1.second): T =
+  def rightResultOf[T](f: => IO[Either[Throwable, T]], duration: FiniteDuration = 60.seconds): T =
     awaitResultOf[T](f, duration) match {
       case Right(result) => result
       case Left(error) => throw error
@@ -64,7 +64,7 @@ trait ResultHelpers {
   // Assumes that the result of the future operation will fail, this will error on a right disjunction
   def leftResultOf[T](
       f: => IO[Either[Throwable, T]],
-      duration: FiniteDuration = 1.second
+      duration: FiniteDuration = 60.seconds
   ): Throwable = awaitResultOf(f, duration).swap.toOption.get
 
   def leftValue[T](t: Either[Throwable, T]): Throwable = t.swap.toOption.get

modules/api/src/universal/conf/application.conf

@@ -79,7 +79,7 @@ vinyldns {
     name = "vinyldns."
     keyName = "vinyldns."
     key = "nzisn+4G2ldMn0q1CV3vsg=="
-    primaryServer = "vinyldns-bind9"
+    primaryServer = "localhost:19001"
   }
 
   # the AXFR connection information for the default dns backend
@@ -87,7 +87,7 @@ vinyldns {
     name = "vinyldns."
     keyName = "vinyldns."
     key = "nzisn+4G2ldMn0q1CV3vsg=="
-    primaryServer = "vinyldns-bind9"
+    primaryServer = "localhost:19001"
   }
 
   backends = [
@@ -97,13 +97,13 @@ vinyldns {
         name = "vinyldns."
         key-name = "vinyldns."
         key = "nzisn+4G2ldMn0q1CV3vsg=="
-        primary-server = "vinyldns-bind9"
+        primary-server = "localhost:19001"
       }
       transfer-connection {
         name = "vinyldns."
         key-name = "vinyldns."
         key = "nzisn+4G2ldMn0q1CV3vsg=="
-        primary-server = "vinyldns-bind9"
+        primary-server = "localhost:19001"
       }
     }
   ]

modules/docs/src/main/mdoc/operator/config-api.md

@@ -303,7 +303,7 @@ vinyldns {
     name = "vinyldns."
     keyName = "vinyldns."
     key = "nzisn+4G2ldMn0q1CV3vsg=="
-    primaryServer = "vinyldns-bind9"
+    primaryServer = "localhost:19001"
     algorithm = "HMAC-MD5"
   }
 }
@@ -609,7 +609,7 @@ vinyldns {
     name = "vinyldns."
     keyName = "vinyldns."
     key = "nzisn+4G2ldMn0q1CV3vsg=="
-    primaryServer = "vinyldns-bind9"
+    primaryServer = "localhost:19001"
     algorithm = "HMAC-MD5"
   }
 
@@ -618,7 +618,7 @@ vinyldns {
     name = "vinyldns."
     keyName = "vinyldns."
     key = "nzisn+4G2ldMn0q1CV3vsg=="
-    primaryServer = "vinyldns-bind9"
+    primaryServer = "localhost:19001"
     algorithm = "HMAC-MD5"
   }
 

quickstart/.env

@@ -1,17 +1,22 @@
-REST_PORT=9000
+# General settings
+VINYLDNS_API_URL=http://localhost:9000
+VINYLDNS_PORTAL_URL=http://localhost:9001
 
-# portal settings
+# Portal settings
 PORTAL_PORT=9001
 PLAY_HTTP_SECRET_KEY=change-this-for-prod
-VINYLDNS_BACKEND_URL=http://vinyldns-integration:9000
+VINYLDNS_BACKEND_URL=http://vinyldns-api:9000
+TEST_LOGIN=false
 
+# API Settings
+REST_PORT=9000
 SQS_ENDPOINT=http://vinyldns-integration:19003
+SNS_SERVICE_ENDPOINT=http://vinyldns-integration:19003
 MYSQL_ENDPOINT=vinyldns-integration:19002
-TEST_LOGIN=true
+DEFAULT_DNS_ADDRESS=vinyldns-integration:19001
 
 JDBC_DRIVER=org.mariadb.jdbc.Driver
 JDBC_URL=jdbc:mariadb://vinyldns-integration:19002/vinyldns?user=root&password=pass
 JDBC_MIGRATION_URL=jdbc:mariadb://vinyldns-integration:19002/?user=root&password=pass
 JDBC_USER=root
 JDBC_PASSWORD=pass
-DEFAULT_DNS_ADDRESS=127.0.0.1:19001

quickstart/README.md

@@ -0,0 +1,35 @@
+# VinylDNS QuickStart
+
+To get started with VinylDNS, you can experiment with the QuickStart.
+
+QuickStart utilizes Docker Compose to start up the VinylDNS API and Portal along with required dependencies such as:
+
+- MySQL
+- OpenLDAP
+- SQS
+- SNS
+- BIND 9
+
+## Running
+
+To run the QuickStart, you will need the following prerequisites:
+
+- Docker
+- Docker Compose
+
+From a shell in the `quickstart/` directory, simply run:
+
+```shell script
+./quickstart-vinyldns.sh
+```
+The `quickstart-vinyldns.sh` script takes a number of optional arguments:
+
+| Flag | Description |
+|:---|:---|
+| -a, --api-only    | do not start up the VinylDNS Portal|
+| -b, --build       | force a rebuild of the Docker images with the local code|
+| -r, --reset       | reset any the running containers|
+| -s, --service     | specify the service to run|
+| -t, --timeout     | the time to wait (in seconds) for the portal and API to start (default: 60)|
+| -u, --update      | remove the local quickstart images to force a re-pull from docker hub|
+| -v, --version-tag | specify Docker image tag version (default: latest)|

quickstart/api/Dockerfile

@@ -0,0 +1,39 @@
+# Build VinylDNS API if the JAR doesn't already exist
+ARG VINYLDNS_VERSION=latest
+FROM vinyldns/build:base-build as base-build
+ARG DOCKER_FILE_PATH
+COPY . /build/
+WORKDIR /build
+
+##  Run the build if we don't already have a vinyldns.jar
+RUN mkdir -p /opt/vinyldns/conf && \
+    if [ -f assembly/vinyldns.jar ]; then cp assembly/vinyldns.jar /opt/vinyldns/; fi && \
+    if [ ! -f /opt/vinyldns/vinyldns.jar ]; then \
+      env SBT_OPTS="-XX:+UseConcMarkSweepGC -Xmx4G -Xms1G" \
+      sbt -Dbuild.scalafmtOnCompile=false -Dbuild.lintOnCompile=fase ";project api;coverageOff;assembly" \
+      && cp assembly/vinyldns.jar /opt/vinyldns/; \
+    fi
+
+FROM adoptopenjdk/openjdk11:jdk-11.0.8_10-alpine
+
+RUN apk add --update --no-cache bash
+
+COPY --from=base-build /opt/vinyldns /opt/vinyldns
+
+# This will set the vinyldns version, make sure to have this in config... version = ${?VINYLDNS_VERSION}
+ARG VINYLDNS_VERSION="0.0.0-local-dev"
+ENV VINYLDNS_VERSION=$VINYLDNS_VERSION
+
+RUN mkdir -p /opt/vinyldns/lib_extra
+
+# Mount the volume for config file and lib extras
+# Note: These volume names are used in the build.sbt
+VOLUME ["/opt/vinyldns/lib_extra/", "/opt/vinyldns/conf"]
+
+EXPOSE 9000
+
+ENTRYPOINT ["java", "-Dconfig.file=/opt/vinyldns/conf/vinyldns.conf", \
+                    "-Dlogback.configurationFile=/opt/vinyldns/conf/logback.xml",\
+                    "-Dvinyldns.base-version=${VINYLDNS_VERSION}",\
+                    "-cp", "/opt/vinyldns/lib_extra/*",\
+                    "-jar", "/opt/vinyldns/vinyldns.jar"]

quickstart/api/Makefile

@@ -0,0 +1,46 @@
+SHELL=bash
+IMAGE_NAME=vinyldns/api:local-dev
+ROOT_DIR:=$(shell dirname $(realpath  $(lastword $(MAKEFILE_LIST))))
+
+# Check that the required version of make is being used
+REQ_MAKE_VER:=3.82
+ifneq ($(REQ_MAKE_VER),$(firstword $(sort $(MAKE_VERSION) $(REQ_MAKE_VER))))
+   $(error The version of MAKE $(REQ_MAKE_VER) or higher is required; you are running $(MAKE_VERSION))
+endif
+
+# Extract arguments for `make run`
+EXTRACT_ARGS=true
+ifeq (run,$(firstword $(MAKECMDGOALS)))
+	EXTRACT_ARGS=true
+endif
+ifeq ($(EXTRACT_ARGS),true)
+  # use the rest as arguments for "run"
+  WITH_ARGS ?= $(wordlist 2,$(words $(MAKECMDGOALS)),$(MAKECMDGOALS))
+endif
+ifdef $(WITH_ARGS)
+	ARG_SEPARATOR=--
+endif
+
+%:
+	@:
+
+.ONESHELL:
+
+.PHONY: all build run
+
+all: build run
+
+build:
+	@set -euo pipefail
+	cd ../..
+	docker build -t $(IMAGE_NAME) --build-arg DOCKER_FILE_PATH="$$(realpath --relative-to="." "$(ROOT_DIR)")" -f "$(ROOT_DIR)/Dockerfile" .
+
+run:
+	@set -euo pipefail
+	docker run -it --rm $(DOCKER_PARAMS) -v "$$(pwd)/application.conf:/opt/vinyldns/conf/vinyldns.conf" -v "$$(pwd)/logback.xml:/opt/vinyldns/conf/logback.xml" -p 9000:9000 $(IMAGE_NAME) $(ARG_SEPARATOR) $(WITH_ARGS)
+
+run-bg:
+	@set -euo pipefail
+	docker stop $(IMAGE_NAME) &> /dev/null || true
+	docker rm $(IMAGE_NAME) &> /dev/null || true
+	docker run -td --name $(IMAGE_NAME) --rm $(DOCKER_PARAMS) -v "$$(pwd)/application.conf:/opt/vinyldns/conf/vinyldns.conf" -v "$$(pwd)/logback.xml:/opt/vinyldns/conf/logback.xml" -p 9001:9001 $(IMAGE_NAME) -- /bin/bash

quickstart/api/application.conf

@@ -0,0 +1,346 @@
+vinyldns {
+
+  base-version = "0.0.0-local-dev"
+  version = ${vinyldns.base-version} # default to the base version if not overridden
+  version = ${?VINYLDNS_VERSION} # override the base version via env var
+
+  # How often to any particular zone can be synchronized in milliseconds
+  sync-delay = 10000
+  sync-delay = ${?SYNC_DELAY}
+
+  # If we should start up polling for change requests, set this to false for the inactive cluster
+  processing-disabled = false
+  processing-disabled = ${?PROCESSING_DISABLED}
+
+  # Number of records that can be in a zone
+  max-zone-size = 60000
+  max-zone-size = ${?MAX_ZONE_SIZE}
+
+  # Types of unowned records that users can access in shared zones
+  shared-approved-types = ["A", "AAAA", "CNAME", "PTR", "TXT"]
+
+  # Batch change settings
+  batch-change-limit = 1000
+  batch-change-limit = ${?BATCH_CHANGE_LIMIT}
+  manual-batch-review-enabled = true
+  manual-batch-review-enabled = ${?MANUAL_BATCH_REVIEW_ENABLED}
+  scheduled-changes-enabled = true
+  scheduled-changes-enabled = ${?SCHEDULED_CHANGES_ENABLED}
+  multi-record-batch-change-enabled = true
+  multi-record-batch-change-enabled = ${?MULTI_RECORD_BATCH_CHANGE_ENABLED}
+
+  # configured backend providers
+  backend {
+    # Use "default" when dns backend legacy = true
+    # otherwise, use the id of one of the connections in any of your backends
+    default-backend-id = "default"
+
+    # this is where we can save additional backends
+    backend-providers = [
+      {
+        class-name = "vinyldns.api.backend.dns.DnsBackendProviderLoader"
+        settings = {
+          legacy = false
+          backends = [
+            {
+              id = "default"
+              zone-connection = {
+                name = "vinyldns."
+                key-name = "vinyldns."
+                key-name = ${?DEFAULT_DNS_KEY_NAME}
+                key = "nzisn+4G2ldMn0q1CV3vsg=="
+                key = ${?DEFAULT_DNS_KEY_SECRET}
+                primary-server = "127.0.0.1"
+                primary-server = ${?DEFAULT_DNS_ADDRESS}
+              }
+              transfer-connection = {
+                name = "vinyldns."
+                key-name = "vinyldns."
+                key-name = ${?DEFAULT_DNS_KEY_NAME}
+                key = "nzisn+4G2ldMn0q1CV3vsg=="
+                key = ${?DEFAULT_DNS_KEY_SECRET}
+                primary-server = "127.0.0.1"
+                primary-server = ${?DEFAULT_DNS_ADDRESS}
+              },
+              tsig-usage = "always"
+            },
+            {
+              id = "func-test-backend"
+              zone-connection = {
+                name = "vinyldns."
+                key-name = "vinyldns."
+                key-name = ${?DEFAULT_DNS_KEY_NAME}
+                key = "nzisn+4G2ldMn0q1CV3vsg=="
+                key = ${?DEFAULT_DNS_KEY_SECRET}
+                primary-server = "127.0.0.1"
+                primary-server = ${?DEFAULT_DNS_ADDRESS}
+              }
+              transfer-connection = {
+                name = "vinyldns."
+                key-name = "vinyldns."
+                key-name = ${?DEFAULT_DNS_KEY_NAME}
+                key = "nzisn+4G2ldMn0q1CV3vsg=="
+                key = ${?DEFAULT_DNS_KEY_SECRET}
+                primary-server = "127.0.0.1"
+                primary-server = ${?DEFAULT_DNS_ADDRESS}
+              },
+              tsig-usage = "always"
+            }
+          ]
+        }
+      }
+    ]
+  }
+
+
+  queue {
+    class-name = "vinyldns.sqs.queue.SqsMessageQueueProvider"
+
+    messages-per-poll = 10
+    polling-interval = 250.millis
+
+    settings {
+      # AWS access key and secret.
+      access-key = "test"
+      access-key = ${?AWS_ACCESS_KEY}
+      secret-key = "test"
+      secret-key = ${?AWS_SECRET_ACCESS_KEY}
+
+      # Regional endpoint to make your requests (eg. 'us-west-2', 'us-east-1', etc.). This is the region where your queue is housed.
+      signing-region = "us-east-1"
+      signing-region = ${?SQS_REGION}
+
+      # Endpoint to access queue
+      service-endpoint = "http://vinyldns-integration:19003/"
+      service-endpoint = ${?SQS_SERVICE_ENDPOINT}
+
+      # Queue name. Should be used in conjunction with service endpoint, rather than using a queue url which is subject to change.
+      queue-name = "vinyldns"
+      queue-name = ${?SQS_QUEUE_NAME}
+    }
+  }
+
+  email {
+    class-name = "vinyldns.api.notifier.email.EmailNotifierProvider"
+    class-name = ${?EMAIL_CLASS_NAME}
+    settings = {
+      from = "VinylDNS <do-not-reply@vinyldns.io>"
+    }
+  }
+
+  sns {
+    class-name = "vinyldns.apadi.notifier.sns.SnsNotifierProvider"
+    class-name = ${?SNS_CLASS_NAME}
+    settings {
+      topic-arn = "arn:aws:sns:us-east-1:000000000000:batchChanges"
+      topic-arn = ${?SNS_TOPIC_ARN}
+      access-key = "test"
+      access-key = ${?SNS_ACCESS_KEY}
+      secret-key = "test"
+      secret-key = ${?SNS_SECRET_KEY}
+      service-endpoint = "http://vinyldns-integration:19003"
+      service-endpoint = ${?SNS_SERVICE_ENDPOINT}
+      signing-region = "us-east-1"
+      signing-region  = ${?SNS_REGION}
+    }
+  }
+
+  rest {
+    host = "0.0.0.0"
+    port = 9000
+    port=${?API_SERVICE_PORT}
+  }
+
+
+  approved-name-servers = [
+    "172.17.42.1.",
+    "ns1.parent.com."
+    "ns1.parent.com1."
+    "ns1.parent.com2."
+    "ns1.parent.com3."
+    "ns1.parent.com4."
+  ]
+
+  crypto {
+    type = "vinyldns.core.crypto.NoOpCrypto"
+  }
+
+  data-stores = ["mysql"]
+
+  mysql {
+    settings {
+      # JDBC Settings, these are all values in scalikejdbc-config, not our own
+      # these must be overridden to use MYSQL for production use
+      # assumes a docker or mysql instance running locally
+      name = "vinyldns"
+      name = ${?DATABASE_NAME}
+      driver = "org.h2.Driver"
+      driver = ${?JDBC_DRIVER}
+      migration-url = "jdbc:h2:mem:vinyldns;MODE=MYSQL;DB_CLOSE_DELAY=-1;DATABASE_TO_LOWER=TRUE;IGNORECASE=TRUE;INIT=RUNSCRIPT FROM 'classpath:test/ddl.sql'"
+      migration-url = ${?JDBC_MIGRATION_URL}
+      url = "jdbc:h2:mem:vinyldns;MODE=MYSQL;DB_CLOSE_DELAY=-1;DATABASE_TO_LOWER=TRUE;IGNORECASE=TRUE;INIT=RUNSCRIPT FROM 'classpath:test/ddl.sql'"
+      url = ${?JDBC_URL}
+      user = "sa"
+      user = ${?JDBC_USER}
+      password = ""
+      password = ${?JDBC_PASSWORD}
+      # see https://github.com/brettwooldridge/HikariCP
+      connection-timeout-millis = 1000
+      idle-timeout = 10000
+      max-lifetime = 600000
+      maximum-pool-size = 20
+      minimum-idle = 20
+      register-mbeans = true
+    }
+    # Repositories that use this data store are listed here
+    repositories {
+      zone {
+        # no additional settings for now
+      }
+      batch-change {
+        # no additional settings for now
+      }
+      user {
+
+      }
+      record-set {
+
+      }
+      group {
+
+      }
+      membership {
+
+      }
+      group-change {
+
+      }
+      zone-change {
+
+      }
+      record-change {
+
+      }
+    }
+  }
+
+  backends = []
+
+
+  # FQDNs / IPs that cannot be modified via VinylDNS
+  # regex-list used for all record types except PTR
+  # ip-list used exclusively for PTR records
+  high-value-domains = {
+    regex-list = [
+      "high-value-domain.*" # for testing
+    ]
+    ip-list = [
+      # using reverse zones in the vinyldns/bind9 docker image for testing
+      "192.0.2.252",
+      "192.0.2.253",
+      "fd69:27cc:fe91:0:0:0:0:ffff",
+      "fd69:27cc:fe91:0:0:0:ffff:0"
+    ]
+  }
+
+  # FQDNs / IPs / zone names that require manual review upon submission in batch change interface
+  # domain-list used for all record types except PTR
+  # ip-list used exclusively for PTR records
+  manual-review-domains = {
+    domain-list = [
+      "needs-review.*"
+    ]
+    ip-list = [
+      "192.0.1.254",
+      "192.0.1.255",
+      "192.0.2.254",
+      "192.0.2.255",
+      "192.0.3.254",
+      "192.0.3.255",
+      "192.0.4.254",
+      "192.0.4.255",
+      "fd69:27cc:fe91:0:0:0:ffff:1",
+      "fd69:27cc:fe91:0:0:0:ffff:2",
+      "fd69:27cc:fe92:0:0:0:ffff:1",
+      "fd69:27cc:fe92:0:0:0:ffff:2",
+      "fd69:27cc:fe93:0:0:0:ffff:1",
+      "fd69:27cc:fe93:0:0:0:ffff:2",
+      "fd69:27cc:fe94:0:0:0:ffff:1",
+      "fd69:27cc:fe94:0:0:0:ffff:2"
+    ]
+    zone-name-list = [
+      "zone.requires.review."
+      "zone.requires.review1."
+      "zone.requires.review2."
+      "zone.requires.review3."
+      "zone.requires.review4."
+    ]
+  }
+
+  # FQDNs / IPs that cannot be modified via VinylDNS
+  # regex-list used for all record types except PTR
+  # ip-list used exclusively for PTR records
+  high-value-domains = {
+    regex-list = [
+      "high-value-domain.*" # for testing
+    ]
+    ip-list = [
+      # using reverse zones in the vinyldns/bind9 docker image for testing
+      "192.0.1.252",
+      "192.0.1.253",
+      "192.0.2.252",
+      "192.0.2.253",
+      "192.0.3.252",
+      "192.0.3.253",
+      "192.0.4.252",
+      "192.0.4.253",
+      "fd69:27cc:fe91:0:0:0:0:ffff",
+      "fd69:27cc:fe91:0:0:0:ffff:0",
+      "fd69:27cc:fe92:0:0:0:0:ffff",
+      "fd69:27cc:fe92:0:0:0:ffff:0",
+      "fd69:27cc:fe93:0:0:0:0:ffff",
+      "fd69:27cc:fe93:0:0:0:ffff:0",
+      "fd69:27cc:fe94:0:0:0:0:ffff",
+      "fd69:27cc:fe94:0:0:0:ffff:0"
+    ]
+  }
+
+  global-acl-rules = [
+    {
+      group-ids: ["global-acl-group-id"],
+      fqdn-regex-list: [".*shared[0-9]{1}."]
+    },
+    {
+      group-ids: ["another-global-acl-group"],
+      fqdn-regex-list: [".*ok[0-9]{1}."]
+    }
+  ]
+}
+
+akka {
+  loglevel = "INFO"
+  loggers = ["akka.event.slf4j.Slf4jLogger"]
+  logging-filter = "akka.event.slf4j.Slf4jLoggingFilter"
+  logger-startup-timeout = 30s
+
+  actor {
+    provider = "akka.actor.LocalActorRefProvider"
+  }
+}
+
+akka.http {
+  server {
+    # The time period within which the TCP binding process must be completed.
+    # Set to `infinite` to disable.
+    bind-timeout = 5s
+
+    # Show verbose error messages back to the client
+    verbose-error-messages = on
+  }
+
+  parsing {
+    # Spray doesn't like the AWS4 headers
+    illegal-header-warnings = on
+  }
+}
+

quickstart/api/logback.xml

@@ -0,0 +1,32 @@
+<configuration>
+    <!-- Test configuration, log to console so we can get the docker logs -->
+    <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <pattern>%d [test] %-5p | \(%logger{4}:%line\) | %msg %n</pattern>
+        </encoder>
+    </appender>
+
+    <logger name="org.flywaydb" level="DEBUG">
+        <appender-ref ref="CONSOLE"/>
+    </logger>
+
+    <logger name="org.flywaydb.core.internal.dbsupport.SqlScript" level="DEBUG">
+        <appender-ref ref="CONSOLE"/>
+    </logger>
+
+    <logger name="org.flywaydb.core.internal.command.DbMigrate" level="DEBUG">
+        <appender-ref ref="CONSOLE"/>
+    </logger>
+
+    <logger name="vinyldns.core.route.Monitor" level="OFF">
+        <appender-ref ref="CONSOLE"/>
+    </logger>
+
+    <logger name="scalikejdbc.StatementExecutor$$anon$1" level="OFF">
+        <appender-ref ref="CONSOLE"/>
+    </logger>
+
+    <root level="INFO">
+        <appender-ref ref="CONSOLE"/>
+    </root>
+</configuration>

quickstart/bind9/etc/_template/named.partition.conf

@@ -1,186 +1,186 @@
-zone "vinyldns{partition}" {
+zone "vinyldns" {
 	type master;
-	file "/var/bind/partition{partition}/vinyldns.hosts";
+	file "/var/bind/partition/vinyldns.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "old-vinyldns2{partition}" {
 	type master;
-	file "/var/bind/partition{partition}/old-vinyldns2.hosts";
+	file "/var/bind/partition/old-vinyldns2.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "old-vinyldns3{partition}" {
 	type master;
-	file "/var/bind/partition{partition}/old-vinyldns3.hosts";
+	file "/var/bind/partition/old-vinyldns3.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "dummy{partition}" {
+zone "dummy" {
 	type master;
-	file "/var/bind/partition{partition}/dummy.hosts";
+	file "/var/bind/partition/dummy.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "ok{partition}" {
+zone "ok" {
 	type master;
-	file "/var/bind/partition{partition}/ok.hosts";
+	file "/var/bind/partition/ok.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "shared{partition}" {
+zone "shared" {
 	type master;
-	file "/var/bind/partition{partition}/shared.hosts";
+	file "/var/bind/partition/shared.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "non.test.shared{partition}" {
+zone "non.test.shared" {
   type master;
-  file "/var/bind/partition{partition}/non.test.shared.hosts";
+  file "/var/bind/partition/non.test.shared.hosts";
   allow-update { key "vinyldns."; };
   };
 
-zone "system-test{partition}" {
+zone "system-test" {
 	type master;
-	file "/var/bind/partition{partition}/system-test.hosts";
+	file "/var/bind/partition/system-test.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "system-test-history{partition}" {
+zone "system-test-history" {
 	type master;
-	file "/var/bind/partition{partition}/system-test-history.hosts";
+	file "/var/bind/partition/system-test-history.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "{partition}.10.in-addr.arpa" {
 	type master;
-	file "/var/bind/partition{partition}/10.10.in-addr.arpa";
+	file "/var/bind/partition/10.10.in-addr.arpa";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "{partition}.0.192.in-addr.arpa" {
 	type master;
-	file "/var/bind/partition{partition}/2.0.192.in-addr.arpa";
+	file "/var/bind/partition/2.0.192.in-addr.arpa";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "192/30.{partition}.0.192.in-addr.arpa" {
 	type master;
-	file "/var/bind/partition{partition}/192^30.2.0.192.in-addr.arpa";
+	file "/var/bind/partition/192^30.2.0.192.in-addr.arpa";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "{partition}.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa" {
 	type master;
-	file "/var/bind/partition{partition}/1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa";
+	file "/var/bind/partition/1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "0.0.0.1.{partition}.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa" {
 	type master;
-	file "/var/bind/partition{partition}/0.0.0.1.1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa";
+	file "/var/bind/partition/0.0.0.1.1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "one-time{partition}" {
+zone "one-time" {
 	type master;
-	file "/var/bind/partition{partition}/one-time.hosts";
+	file "/var/bind/partition/one-time.hosts";
 	allow-update { key "vinyldns."; key "vinyldns-sha1."; key "vinyldns-sha224."; key "vinyldns-sha256."; key "vinyldns-sha384."; key "vinyldns-sha512."; };
 	};
 
-zone "sync-test{partition}" {
+zone "sync-test" {
 	type master;
-	file "/var/bind/partition{partition}/sync-test.hosts";
+	file "/var/bind/partition/sync-test.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "invalid-zone{partition}" {
+zone "invalid-zone" {
 	type master;
-	file "/var/bind/partition{partition}/invalid-zone.hosts";
+	file "/var/bind/partition/invalid-zone.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "list-zones-test-searched-1{partition}" {
 	type master;
-	file "/var/bind/partition{partition}/list-zones-test-searched-1.hosts";
+	file "/var/bind/partition/list-zones-test-searched-1.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "list-zones-test-searched-2{partition}" {
 	type master;
-	file "/var/bind/partition{partition}/list-zones-test-searched-2.hosts";
+	file "/var/bind/partition/list-zones-test-searched-2.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "list-zones-test-searched-3{partition}" {
 	type master;
-	file "/var/bind/partition{partition}/list-zones-test-searched-3.hosts";
+	file "/var/bind/partition/list-zones-test-searched-3.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "list-zones-test-unfiltered-1{partition}" {
 	type master;
-	file "/var/bind/partition{partition}/list-zones-test-unfiltered-1.hosts";
+	file "/var/bind/partition/list-zones-test-unfiltered-1.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
 zone "list-zones-test-unfiltered-2{partition}" {
 	type master;
-	file "/var/bind/partition{partition}/list-zones-test-unfiltered-2.hosts";
+	file "/var/bind/partition/list-zones-test-unfiltered-2.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "one-time-shared{partition}" {
+zone "one-time-shared" {
 	type master;
-	file "/var/bind/partition{partition}/one-time-shared.hosts";
+	file "/var/bind/partition/one-time-shared.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "parent.com{partition}" {
+zone "parent.com" {
 	type master;
-	file "/var/bind/partition{partition}/parent.com.hosts";
+	file "/var/bind/partition/parent.com.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "child.parent.com{partition}" {
+zone "child.parent.com" {
 	type master;
-	file "/var/bind/partition{partition}/child.parent.com.hosts";
+	file "/var/bind/partition/child.parent.com.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "example.com{partition}" {
+zone "example.com" {
 	type master;
-	file "/var/bind/partition{partition}/example.com.hosts";
+	file "/var/bind/partition/example.com.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "dskey.example.com{partition}" {
+zone "dskey.example.com" {
 	type master;
-	file "/var/bind/partition{partition}/dskey.example.com.hosts";
+	file "/var/bind/partition/dskey.example.com.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "not.loaded{partition}" {
+zone "not.loaded" {
 	type master;
-	file "/var/bind/partition{partition}/not.loaded.hosts";
+	file "/var/bind/partition/not.loaded.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "zone.requires.review{partition}" {
+zone "zone.requires.review" {
 	type master;
-	file "/var/bind/partition{partition}/zone.requires.review.hosts";
+	file "/var/bind/partition/zone.requires.review.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "list-records{partition}" {
+zone "list-records" {
 	type master;
-	file "/var/bind/partition{partition}/list-records.hosts";
+	file "/var/bind/partition/list-records.hosts";
 	allow-update { key "vinyldns."; };
 	};
 
-zone "open{partition}" {
+zone "open" {
 	type master;
-	file "/var/bind/partition{partition}/open.hosts";
+	file "/var/bind/partition/open.hosts";
 	allow-update { any; };
 	allow-transfer { any; };
 	};

quickstart/bind9/etc/named.conf.default

@@ -0,0 +1,162 @@
+zone "vinyldns" {
+	type master;
+	file "/var/bind/default/vinyldns.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "old-vinyldns2" {
+	type master;
+	file "/var/bind/default/old-vinyldns2.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "old-vinyldns3" {
+	type master;
+	file "/var/bind/default/old-vinyldns3.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "dummy" {
+	type master;
+	file "/var/bind/default/dummy.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "ok" {
+	type master;
+	file "/var/bind/default/ok.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "shared" {
+	type master;
+	file "/var/bind/default/shared.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "non.test.shared" {
+  type master;
+  file "/var/bind/default/non.test.shared.hosts";
+  allow-update { key "vinyldns."; };
+  };
+
+zone "system-test" {
+	type master;
+	file "/var/bind/default/system-test.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "system-test-history" {
+	type master;
+	file "/var/bind/default/system-test-history.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "10.10.in-addr.arpa" {
+	type master;
+	file "/var/bind/default/10.10.in-addr.arpa";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "one-time" {
+	type master;
+	file "/var/bind/default/one-time.hosts";
+	allow-update { key "vinyldns."; key "vinyldns-sha1."; key "vinyldns-sha224."; key "vinyldns-sha256."; key "vinyldns-sha384."; key "vinyldns-sha512."; };
+	};
+
+zone "sync-test" {
+	type master;
+	file "/var/bind/default/sync-test.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "invalid-zone" {
+	type master;
+	file "/var/bind/default/invalid-zone.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "list-zones-test-searched-1{partition}" {
+	type master;
+	file "/var/bind/default/list-zones-test-searched-1.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "list-zones-test-searched-2{partition}" {
+	type master;
+	file "/var/bind/default/list-zones-test-searched-2.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "list-zones-test-searched-3{partition}" {
+	type master;
+	file "/var/bind/default/list-zones-test-searched-3.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "list-zones-test-unfiltered-1{partition}" {
+	type master;
+	file "/var/bind/default/list-zones-test-unfiltered-1.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "list-zones-test-unfiltered-2{partition}" {
+	type master;
+	file "/var/bind/default/list-zones-test-unfiltered-2.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "one-time-shared" {
+	type master;
+	file "/var/bind/default/one-time-shared.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "parent.com" {
+	type master;
+	file "/var/bind/default/parent.com.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "child.parent.com" {
+	type master;
+	file "/var/bind/default/child.parent.com.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "example.com" {
+	type master;
+	file "/var/bind/default/example.com.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "dskey.example.com" {
+	type master;
+	file "/var/bind/default/dskey.example.com.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "not.loaded" {
+	type master;
+	file "/var/bind/default/not.loaded.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "zone.requires.review" {
+	type master;
+	file "/var/bind/default/zone.requires.review.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "list-records" {
+	type master;
+	file "/var/bind/default/list-records.hosts";
+	allow-update { key "vinyldns."; };
+	};
+
+zone "open" {
+	type master;
+	file "/var/bind/default/open.hosts";
+	allow-update { any; };
+	allow-transfer { any; };
+	};

quickstart/bind9/etc/named.conf.local

@@ -29,6 +29,7 @@ key "vinyldns-sha512." {
   secret "xfKA0DYb88tiUGND+cWddwUg3/SugYSsdvCfBOJ1jr8MEdgbVRyrlVDEXLsfTUGorQ3ShENdymw2yw+rTr+lwA==";
 };
 
+include "/etc/bind/named.conf.default";
 include "/etc/bind/named.conf.partition1";
 include "/etc/bind/named.conf.partition2";
 include "/etc/bind/named.conf.partition3";

quickstart/bind9/zones/default/10.10.in-addr.arpa

@@ -0,0 +1,10 @@
+$ttl 38400
+10.10.in-addr.arpa.	IN	SOA	172.17.42.1. admin.vinyldns.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+10.10.in-addr.arpa.	IN	NS	172.17.42.1.
+24.0			IN	PTR	www.vinyl.
+25.0			IN	PTR	mail.vinyl.

quickstart/bind9/zones/default/child.parent.com.hosts

@@ -0,0 +1,9 @@
+$ttl 38400
+$ORIGIN child.parent.com.
+@	IN	SOA	ns1.parent.com. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+@                IN  NS  ns1.parent.com.

quickstart/bind9/zones/default/dskey.example.com.hosts

@@ -0,0 +1,9 @@
+$TTL 1h
+$ORIGIN dskey.example.com.
+@	IN	SOA	ns1.parent.com. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+dskey.example.com.   IN  NS  172.17.42.1.

quickstart/bind9/zones/default/dummy.hosts

@@ -0,0 +1,15 @@
+$ttl 38400
+dummy.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+dummy.           IN  NS  172.17.42.1.
+jenkins          IN  A   10.1.1.1
+foo              IN  A   2.2.2.2
+test             IN  A   3.3.3.3
+test             IN  A   4.4.4.4
+@                IN  A   5.5.5.5
+already-exists   IN  A   6.6.6.6
+non-approved-delegation IN NS 7.7.7.7

quickstart/bind9/zones/default/example.com.hosts

@@ -0,0 +1,10 @@
+$TTL 1h
+$ORIGIN example.com.
+@	IN	SOA	ns1.parent.com. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+example.com.      IN   NS  172.17.42.1.
+dskey             IN   NS  172.17.42.1.

quickstart/bind9/zones/default/invalid-zone.hosts

@@ -0,0 +1,17 @@
+$ttl 38400
+invalid-zone.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+invalid-zone.    IN  NS  172.17.42.1.
+invalid-zone.    IN  NS  not-approved.thing.com.
+invalid.child.invalid-zone.    IN  NS  172.17.42.1.
+dotted.host.invalid-zone.      IN  A   1.2.3.4
+jenkins          IN  A   10.1.1.1
+foo              IN  A   2.2.2.2
+test             IN  A   3.3.3.3
+test             IN  A   4.4.4.4
+@                IN  A   5.5.5.5
+already-exists   IN  A   6.6.6.6

quickstart/bind9/zones/default/list-records.hosts

@@ -0,0 +1,38 @@
+$ttl 38400
+list-records.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+list-records.              IN  NS  172.17.42.1.
+00-test-list-recordsets-0-A    IN  A   10.1.1.1
+00-test-list-recordsets-0-A    IN  A   10.2.2.2
+00-test-list-recordsets-0-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-1-A    IN  A   10.1.1.1
+00-test-list-recordsets-1-A    IN  A   10.2.2.2
+00-test-list-recordsets-1-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-2-A    IN  A   10.1.1.1
+00-test-list-recordsets-2-A    IN  A   10.2.2.2
+00-test-list-recordsets-2-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-3-A    IN  A   10.1.1.1
+00-test-list-recordsets-3-A    IN  A   10.2.2.2
+00-test-list-recordsets-3-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-4-A    IN  A   10.1.1.1
+00-test-list-recordsets-4-A    IN  A   10.2.2.2
+00-test-list-recordsets-4-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-5-A    IN  A   10.1.1.1
+00-test-list-recordsets-5-A    IN  A   10.2.2.2
+00-test-list-recordsets-5-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-6-A    IN  A   10.1.1.1
+00-test-list-recordsets-6-A    IN  A   10.2.2.2
+00-test-list-recordsets-6-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-7-A    IN  A   10.1.1.1
+00-test-list-recordsets-7-A    IN  A   10.2.2.2
+00-test-list-recordsets-7-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-8-A    IN  A   10.1.1.1
+00-test-list-recordsets-8-A    IN  A   10.2.2.2
+00-test-list-recordsets-8-CNAME    IN  CNAME   cname1.
+00-test-list-recordsets-9-A    IN  A   10.1.1.1
+00-test-list-recordsets-9-A    IN  A   10.2.2.2
+00-test-list-recordsets-9-CNAME    IN  CNAME   cname1.

quickstart/bind9/zones/default/list-zones-test-searched-1.hosts

@@ -0,0 +1,8 @@
+$ttl 38400
+list-zones-test-searched-1.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+list-zones-test-searched-1.           IN  NS  172.17.42.1.

quickstart/bind9/zones/default/list-zones-test-searched-2.hosts

@@ -0,0 +1,8 @@
+$ttl 38400
+list-zones-test-searched-2.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+list-zones-test-searched-2.           IN  NS  172.17.42.1.

quickstart/bind9/zones/default/list-zones-test-searched-3.hosts

@@ -0,0 +1,8 @@
+$ttl 38400
+list-zones-test-searched-3.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+list-zones-test-searched-3.           IN  NS  172.17.42.1.

quickstart/bind9/zones/default/list-zones-test-unfiltered-1.hosts

@@ -0,0 +1,8 @@
+$ttl 38400
+list-zones-test-unfiltered-1.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+list-zones-test-unfiltered-1.           IN  NS  172.17.42.1.

quickstart/bind9/zones/default/list-zones-test-unfiltered-2.hosts

@@ -0,0 +1,8 @@
+$ttl 38400
+list-zones-test-unfiltered-2.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+list-zones-test-unfiltered-2.           IN  NS  172.17.42.1.

quickstart/bind9/zones/default/non.test.shared.hosts

@@ -0,0 +1,13 @@
+$ttl 38400
+non.test.shared.	     IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+non.test.shared.      IN  NS  172.17.42.1.
+@                                IN  A   1.1.1.1
+delete-test-batch                IN  A   2.2.2.2
+update-test-batch                IN  A   3.3.3.3
+delete-test                      IN  A   4.4.4.4
+update-test                      IN  A   5.5.5.5

quickstart/bind9/zones/default/not.loaded.hosts

@@ -0,0 +1,9 @@
+$ttl 38400
+not.loaded.	IN	SOA	172.17.42.1. admin.test.com. (
+			1439234395
+			10800
+			3600
+			604800
+			38400 )
+not.loaded.      IN  NS  172.17.42.1.
+foo              IN  A   1.1.1.1