From f710fb6bb54a3cea41c09160a0e26a6ecf264184 Mon Sep 17 00:00:00 2001
From: Patrick Koss <patrick.koss@mail.schwarz>
Date: Fri, 17 Nov 2023 14:28:49 +0100
Subject: [PATCH] find best matching zone

---
 certbot_dns_stackit/stackit.py | 31 +++++++++++++++++++------------
 setup.py                       |  2 +-
 2 files changed, 20 insertions(+), 13 deletions(-)

diff --git a/certbot_dns_stackit/stackit.py b/certbot_dns_stackit/stackit.py
index 2db332c..97f44fc 100644
--- a/certbot_dns_stackit/stackit.py
+++ b/certbot_dns_stackit/stackit.py
@@ -53,9 +53,9 @@ def add_txt_record(self, domain: str, validation_name: str, validation: str):
         """
         Add a TXT record using the supplied information.
 
-        :param domain: The zone dnsName.
-        :param validation_name: The record name.
-        :param validation: The record content.
+        :param domain: The domain one level above the validation name.
+        :param validation_name: The acme challenge record name.
+        :param validation: The acme challenge record content.
         """
         zone_id = self._get_zone_id(domain)
         rrset = self._get_rrset(zone_id, validation_name)
@@ -137,16 +137,23 @@ def _get_zone_id(self, domain: str) -> str:
         :param domain: The domain (zone dnsName) for which the zone ID is needed.
         :return: The ID of the zone.
         """
-        res = requests.get(
-            f"{self.base_url}/v1/projects/{self.project_id}/zones?dnsName[eq]={domain}&active[eq]=true",
-            headers=self.headers,
-        )
-        if res.status_code != 200 or len(res.json()["zones"]) == 0:
-            raise errors.PluginError(
-                f"Could not find zone id for domain {domain}, Response: {res.text}"
+        parts = domain.split('.')
+
+        # we are searching for the best matching zone. We can do that by iterating over the parts of the domain
+        # from left to right.
+        for i in range(len(parts)):
+            subdomain = '.'.join(parts[i:])
+            res = requests.get(
+                f"{self.base_url}/v1/projects/{self.project_id}/zones?dnsName[eq]={subdomain}&active[eq]=true",
+                headers=self.headers,
             )
 
-        return res.json()["zones"][0]["id"]
+            if res.status_code == 200 and len(res.json()["zones"]) > 0:
+                return res.json()["zones"][0]["id"]
+
+        raise errors.PluginError(
+            f"Could not find zone id for domain {domain}, Response: {res.text}"
+        )
 
     def _get_rrset(self, zone_id: str, validation_name: str) -> Optional[RRSet]:
         """
@@ -256,7 +263,7 @@ def _perform(self, domain: str, validation_name: str, validation: str):
         """
         Carry out a DNS update.
 
-        :param domain: The domain where the DNS record will be added.
+        :param domain: The domain where the DNS record will be added. Does not need to be the zone dns name but any domain.
         :param validation_name: The name of the DNS record.
         :param validation: The validation content to be added to the DNS record.
         """
diff --git a/setup.py b/setup.py
index d8b1faf..010e0a8 100644
--- a/setup.py
+++ b/setup.py
@@ -2,7 +2,7 @@
 from setuptools import find_packages
 import os
 
-version = os.environ.get("PACKAGE_VERSION", "v0.1.0")
+version = os.environ.get("PACKAGE_VERSION", "v0.1.1")
 
 install_requires = [
     "acme>=2.6.0",