MX records support backport to Legacy DNS (#76)

* Updated README, tests and DNS code

* Fixed format

* Fixed ineffectual assignment

Author: mconfalonieri

README.md

@@ -1,8 +1,10 @@
 # ExternalDNS - UNOFFICIAL Hetzner Webhook
 
-⚠️ **This software is experimental.** ⚠️
+> [!WARNING]
+> **This software is experimental.**
 
-ℹ️ The latest version is **v0.9.1**.
+> [!NOTE]
+> The latest version is **v0.9.2**.
 
 [ExternalDNS](https://github.com/kubernetes-sigs/external-dns) is a Kubernetes
 add-on for automatically DNS records for Kubernetes services using different
@@ -13,8 +15,9 @@ you to manage your Hetzner domains inside your kubernetes cluster.
 
 This webhook supports both the old DNS API and the new Cloud DNS interface.
 
-ℹ️ If you are upgrading to **0.8.x** from previous versions read the
-[Upgrading from previous versions](#upgrading-from-previous-versions) section.
+> [!TIP]
+> If you are upgrading to **0.8.x** from previous versions read the
+> [Upgrading from previous versions](#upgrading-from-previous-versions) section.
 
 
 ## Requirements
@@ -77,7 +80,7 @@ provider:
   webhook:
     image:
       repository: ghcr.io/mconfalonieri/external-dns-hetzner-webhook
-      tag: v0.9.1
+      tag: v0.9.2
     env:
       - name: HETZNER_API_KEY
         valueFrom:
@@ -105,11 +108,14 @@ And then:
 
 ```shell
 # install external-dns with helm
-helm install external-dns-hetzner external-dns/external-dns -f external-dns-hetzner-values.yaml --version 0.15.0 -n external-dns
+helm install external-dns-hetzner external-dns/external-dns -f external-dns-hetzner-values.yaml -n external-dns
 ```
 
 ### Using the Bitnami chart
 
+> [!NOTE]
+> The Bitnami distribution model changed and most features are now paid for.
+
 Skip this step if you already have the Bitnami repository added:
 
 ```shell
@@ -134,7 +140,7 @@ extraArgs:
 
 sidecars:
   - name: hetzner-webhook
-    image: ghcr.io/mconfalonieri/external-dns-hetzner-webhook:v0.9.1
+    image: ghcr.io/mconfalonieri/external-dns-hetzner-webhook:v0.9.2
     ports:
       - containerPort: 8888
         name: webhook
@@ -219,6 +225,9 @@ repeated failed attempts to retrieve the records. If this parameter is set to
 a value strictly greater than zero, the webhook will shut down after the
 configured number of attempts. The default is `-1` (shutdown disabled).
 
+MX records are now supported for both the Cloud API (since **v0.9.1**) and the
+Legacy DNS API (since **v0.9.2**).
+
 ### 0.7.x to 0.8.x
 
 The configuration is still compatible, however some changes were introduced that
@@ -270,8 +279,9 @@ Hetzner DNS API.
 | SLASH_ESC_SEQ   | Escape sequence for label annotations  | Default: `--slash--`       |
 | MAX_FAIL_COUNT  | Number of failed calls before shutdown | Default: `-1` (disabled)   |
 
-Please notice that when **USE_CLOUD_API** is set to `true`, the token stored in
-**HETZNER_API_KEY** must be a Hetzner Cloud token, NOT the classic DNS one.
+> [!IMPORTANT]
+> Please notice that when **USE_CLOUD_API** is set to `true`, the token stored 
+> in **HETZNER_API_KEY** must be a Hetzner Cloud token, NOT the classic DNS one.
 
 ### Test and debug
 

README.md.gotmpl

@@ -1,8 +1,10 @@
 # ExternalDNS - UNOFFICIAL Hetzner Webhook
 
-⚠️ **This software is experimental.** ⚠️
+> [!WARNING]
+> **This software is experimental.**
 
-ℹ️ The latest version is **{{ .Version }}**.
+> [!NOTE]
+> The latest version is **{{ .Version }}**.
 
 [ExternalDNS](https://github.com/kubernetes-sigs/external-dns) is a Kubernetes
 add-on for automatically DNS records for Kubernetes services using different
@@ -13,8 +15,9 @@ you to manage your Hetzner domains inside your kubernetes cluster.
 
 This webhook supports both the old DNS API and the new Cloud DNS interface.
 
-ℹ️ If you are upgrading to **0.8.x** from previous versions read the
-[Upgrading from previous versions](#upgrading-from-previous-versions) section.
+> [!TIP]
+> If you are upgrading to **0.8.x** from previous versions read the
+> [Upgrading from previous versions](#upgrading-from-previous-versions) section.
 
 
 ## Requirements
@@ -105,11 +108,14 @@ And then:
 
 ```shell
 # install external-dns with helm
-helm install external-dns-hetzner external-dns/external-dns -f external-dns-hetzner-values.yaml --version 0.15.0 -n external-dns
+helm install external-dns-hetzner external-dns/external-dns -f external-dns-hetzner-values.yaml -n external-dns
 ```
 
 ### Using the Bitnami chart
 
+> [!NOTE]
+> The Bitnami distribution model changed and most features are now paid for.
+
 Skip this step if you already have the Bitnami repository added:
 
 ```shell
@@ -219,6 +225,9 @@ repeated failed attempts to retrieve the records. If this parameter is set to
 a value strictly greater than zero, the webhook will shut down after the
 configured number of attempts. The default is `-1` (shutdown disabled).
 
+MX records are now supported for both the Cloud API (since **v0.9.1**) and the
+Legacy DNS API (since **v0.9.2**).
+
 ### 0.7.x to 0.8.x
 
 The configuration is still compatible, however some changes were introduced that
@@ -270,8 +279,9 @@ Hetzner DNS API.
 | SLASH_ESC_SEQ   | Escape sequence for label annotations  | Default: `--slash--`       |
 | MAX_FAIL_COUNT  | Number of failed calls before shutdown | Default: `-1` (disabled)   |
 
-Please notice that when **USE_CLOUD_API** is set to `true`, the token stored in
-**HETZNER_API_KEY** must be a Hetzner Cloud token, NOT the classic DNS one.
+> [!IMPORTANT]
+> Please notice that when **USE_CLOUD_API** is set to `true`, the token stored 
+> in **HETZNER_API_KEY** must be a Hetzner Cloud token, NOT the classic DNS one.
 
 ### Test and debug
 

internal/hetzner/dns/change_processors.go

@@ -20,6 +20,7 @@
 package hetznerdns
 
 import (
+	"strconv"
 	"strings"
 
 	"sigs.k8s.io/external-dns/endpoint"
@@ -32,6 +33,9 @@ import (
 // adjustCNAMETarget fixes local CNAME targets. It ensures that targets
 // matching the domain are stripped of the domain parts and that "external"
 // targets end with a dot.
+//
+// Hetzner DNS convention: local hostnames have NO trailing dot, external DO.
+// See: https://docs.hetzner.com/dns-console/dns/record-types/mx-record/
 func adjustCNAMETarget(domain string, target string) string {
 	adjustedTarget := target
 	if strings.HasSuffix(target, "."+domain) {
@@ -44,6 +48,50 @@ func adjustCNAMETarget(domain string, target string) string {
 	return adjustedTarget
 }
 
+// adjustMXTarget adjusts MX record target to Hetzner DNS format.
+// MX target format from ExternalDNS: "10 mail.example.com"
+// Hetzner expects: "10 mail" (local) or "10 mail.other.com." (external with dot)
+func adjustMXTarget(domain string, target string) string {
+	parts := strings.SplitN(target, " ", 2)
+	if len(parts) != 2 {
+		log.WithFields(log.Fields{
+			"target": target,
+		}).Warn("MX target has invalid format (expected 'priority hostname')")
+		return target
+	}
+	priority := parts[0]
+	host := parts[1]
+
+	// Validate priority is numeric
+	if _, err := strconv.Atoi(priority); err != nil {
+		log.WithFields(log.Fields{
+			"target":   target,
+			"priority": priority,
+		}).Warn("MX priority is not a valid integer")
+		return target
+	}
+
+	// Handle apex record (host equals domain)
+	hostNoDot := strings.TrimSuffix(host, ".")
+	if hostNoDot == domain {
+		return priority + " @"
+	}
+
+	// Use existing CNAME logic for hostname
+	return priority + " " + adjustCNAMETarget(domain, host)
+}
+
+// adjustTarget adjusts the target depending on its type
+func adjustTarget(domain, recordType, target string) string {
+	switch recordType {
+	case "CNAME":
+		target = adjustCNAMETarget(domain, target)
+	case "MX":
+		target = adjustMXTarget(domain, target)
+	}
+	return target
+}
+
 // processCreateActionsByZone processes the create actions for one zone.
 func processCreateActionsByZone(zoneID, zoneName string, records []hdns.Record, endpoints []*endpoint.Endpoint, changes *hetznerChanges) {
 	for _, ep := range endpoints {
@@ -58,9 +106,7 @@ func processCreateActionsByZone(zoneID, zoneName string, records []hdns.Record,
 		}
 
 		for _, target := range ep.Targets {
-			if ep.RecordType == "CNAME" {
-				target = adjustCNAMETarget(zoneName, target)
-			}
+			target = adjustTarget(zoneName, ep.RecordType, target)
 			opts := &hdns.RecordCreateOpts{
 				Name:  makeEndpointName(zoneName, ep.DNSName),
 				Ttl:   getEndpointTTL(ep),
@@ -97,12 +143,11 @@ func processCreateActions(
 	}
 }
 
+// processUpdateEndpoint processes the update requests for an endpoint.
 func processUpdateEndpoint(zoneID, zoneName string, matchingRecordsByTarget map[string]hdns.Record, ep *endpoint.Endpoint, changes *hetznerChanges) {
 	// Generate create and delete actions based on existence of a record for each target.
 	for _, target := range ep.Targets {
-		if ep.RecordType == "CNAME" {
-			target = adjustCNAMETarget(zoneName, target)
-		}
+		target = adjustTarget(zoneName, ep.RecordType, target)
 		if record, ok := matchingRecordsByTarget[target]; ok {
 			opts := &hdns.RecordUpdateOpts{
 				Name:  makeEndpointName(zoneName, ep.DNSName),
@@ -200,12 +245,9 @@ func processUpdateActions(
 // targetsMatch determines if a record matches one of the endpoint's targets.
 func targetsMatch(record hdns.Record, ep *endpoint.Endpoint) bool {
 	for _, t := range ep.Targets {
-		endpointTarget := t
 		recordTarget := record.Value
-		if ep.RecordType == endpoint.RecordTypeCNAME {
-			domain := record.Zone.Name
-			endpointTarget = adjustCNAMETarget(domain, t)
-		}
+		domain := record.Zone.Name
+		endpointTarget := adjustTarget(domain, ep.RecordType, t)
 		if endpointTarget == recordTarget {
 			return true
 		}