Forgejo Action to update a DNS TXT record using the OVH API
Go to file
oliverpool 2ac4f74b36 add logs (#3)
Co-authored-by: oliverpool <>
Co-committed-by: oliverpool <>
2023-09-20 12:37:11 +00:00
.forgejo/workflows add PR testing (#1) 2023-08-20 06:44:27 +00:00
LICENSES initial commit 2023-08-18 11:40:26 +02:00
action.yml add README 2023-08-20 20:30:48 +02:00
go.mod initial commit 2023-08-18 11:40:26 +02:00
go.sum initial commit 2023-08-18 11:40:26 +02:00
go.sum.license initial commit 2023-08-18 11:40:26 +02:00
main.go add logs (#3) 2023-09-20 12:37:11 +00:00
main_test.go add PR testing (#1) 2023-08-20 06:44:27 +00:00 link back to rvcodns spec 2023-08-21 15:17:56 +02:00

OVH DNS Update


Update a given DNS record using the OVH API for use in the Release Version Check Over DNS (RVCoDNS).

NOTE: This action is written in Go. Please setup the Go environment (>=1.21) before running this action or use a runner with Go environment installed.


parameter description required default
subdomain The subdomain to update (e.g. _release) true
domain The domain (zoneName in the OVH API) true
record-id The ID of the record to update true
value The TXT value to set true
ovh-endpoint The OVH API endpoint false ovh-eu
ovh-app-key The OVH API Application Key true
ovh-app-secret The OVH API Application Secret true
ovh-consumer-key The OVH API Consumer Key true

Security notice

You should create restricted credentials for only the specific record you want to update. See to retrieve its record-id and then visit{domain}/record/{record-id} (replacing the placeholders) to create dedicated credentials.

However be aware that the credentials can also update the subdmain! This means that anyone with this credentials can publish a TXT record under any subdomain of the domain (for instance to get a signed certificate by completing the DNS challenge of the ACME protocol).

To mitigate this issue, decided to use a dedicated domain with only TXT records (and CNAME records on the main domain, which points to those TXT records).


on: [tag]
    runs-on: ubuntu-latest
      - uses: actions/checkout@v3
      - uses:
          go-version: ">=1.21"
          check-latest: true
      - uses: actions/forgejo-release@v1
          subdomain: _release
          record-id: 12345
          value: v=${{ github.ref_name }}
          ovh-app-key: ${{ secrets.OVH_APP_KEY }}
          ovh-app-secret: ${{ secrets.OVH_APP_SECRET }}
          ovh-consumer-key: ${{ secrets.OVH_CON_KEY }}