Implement powerdns_record_soa resource

Allow management of the SOA record using a friendly data structure and
avoid serial number conflicts if SOA-EDIT-API is used by reading the
latest serial number from the server before applying changes.

Signed-off-by: Georg Pfuetzenreuter <[email protected]>

Author: tacerus

docker-compose.yml

@@ -51,6 +51,9 @@ services:
       curl -X POST http://pdns:8081/api/v1/servers/localhost/zones \
         -d '{"name": "test-soa-sysa.xyz.", "kind": "Native", "soa_edit_api": "", "nameservers": ["ns1.sysa.xyz."]}' \
         -H "X-API-Key: secret"
+      curl -X POST http://pdns:8081/api/v1/servers/localhost/zones \
+        -d '{"name": "test-soa2-sysa.xyz.", "kind": "Native", "soa_edit_api": "EPOCH", "nameservers": ["ns1.sysa.xyz."]}' \
+        -H "X-API-Key: secret"
       curl -s -X POST http://pdns:8081/api/v1/servers/localhost/zones \
         -d '{"name": "in-addr.arpa.", "kind": "Native", "nameservers": ["ns1.sysa.xyz."]}' \
         -H "X-API-Key: secret"

powerdns/provider.go

@@ -54,8 +54,9 @@ func Provider() terraform.ResourceProvider {
 		},
 
 		ResourcesMap: map[string]*schema.Resource{
-			"powerdns_zone":   resourcePDNSZone(),
-			"powerdns_record": resourcePDNSRecord(),
+			"powerdns_zone":       resourcePDNSZone(),
+			"powerdns_record":     resourcePDNSRecord(),
+			"powerdns_record_soa": resourcePDNSRecordSOA(),
 		},
 
 		ConfigureFunc: providerConfigure,

powerdns/resource_powerdns_record.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"log"
+	"strconv"
 	"strings"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
@@ -61,6 +62,87 @@ func resourcePDNSRecord() *schema.Resource {
 	}
 }
 
+func resourcePDNSRecordSOA() *schema.Resource {
+	return &schema.Resource{
+		Create: resourcePDNSRecordCreate,
+		Read:   resourcePDNSRecordRead,
+		Delete: resourcePDNSRecordDelete,
+		Exists: resourcePDNSRecordExists,
+		Importer: &schema.ResourceImporter{
+			State: resourcePDNSRecordImport,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"zone": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"type": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"ttl": {
+				Type:     schema.TypeInt,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"mname": {
+				Type:     schema.TypeString,
+				Optional: false,
+				Required: true,
+				ForceNew: true,
+			},
+			"rname": {
+				Type:     schema.TypeString,
+				Optional: false,
+				Required: true,
+				ForceNew: true,
+			},
+			"serial": {
+				Type:     schema.TypeInt,
+				Optional: false,
+				Required: true,
+				ForceNew: true,
+			},
+			"refresh": {
+				Type:     schema.TypeInt,
+				Optional: false,
+				Required: true,
+				ForceNew: true,
+			},
+			"retry": {
+				Type:     schema.TypeInt,
+				Optional: false,
+				Required: true,
+				ForceNew: true,
+			},
+			"expire": {
+				Type:     schema.TypeInt,
+				Optional: false,
+				Required: true,
+				ForceNew: true,
+			},
+			"minimum": {
+				Type:     schema.TypeInt,
+				Optional: false,
+				Required: true,
+				ForceNew: true,
+			},
+		},
+	}
+}
+
 func resourcePDNSRecordCreate(d *schema.ResourceData, meta interface{}) error {
 	client := meta.(*Client)
 
@@ -72,11 +154,17 @@ func resourcePDNSRecordCreate(d *schema.ResourceData, meta interface{}) error {
 
 	zone := d.Get("zone").(string)
 	ttl := d.Get("ttl").(int)
-	recs := d.Get("records").(*schema.Set).List()
+	var recs []interface{}
+	var recslen int
 	setPtr := false
-
-	if v, ok := d.GetOk("set_ptr"); ok {
-		setPtr = v.(bool)
+	if d.Get("type") == "SOA" {
+		recslen = 1
+	} else {
+		recs = d.Get("records").(*schema.Set).List()
+		recslen = len(recs)
+		if v, ok := d.GetOk("set_ptr"); ok {
+			setPtr = v.(bool)
+		}
 	}
 
 	// begin: ValidateFunc
@@ -89,20 +177,46 @@ func resourcePDNSRecordCreate(d *schema.ResourceData, meta interface{}) error {
 			log.Printf("[WARN] One or more values in 'records' contain empty '' value(s)")
 		}
 	}
-	if !(len(recs) > 0) {
+	if recslen == 0 {
 		return fmt.Errorf("'records' must not be empty")
 	}
 	// end: ValidateFunc
 
-	if len(recs) > 0 {
-		records := make([]Record, 0, len(recs))
-		for _, recContent := range recs {
+	if recslen > 0 {
+		records := make([]Record, 0, recslen)
+
+		if d.Get("type") == "SOA" {
+			log.Printf("[DEBUG] Searching existing SOA record at %s => %s", d.Get("zone").(string), d.Get("name").(string))
+			soa_records, err := client.ListRecordsInRRSet(d.Get("zone").(string), d.Get("name").(string), "SOA")
+			if err != nil {
+				return fmt.Errorf("Failed to fetch old SOA record: %s", err)
+			}
+			var serial int
+			if len(soa_records) > 0 {
+				serial, err = strconv.Atoi(strings.Fields(soa_records[0].Content)[2])
+				if err != nil {
+					return fmt.Errorf("Failed to parse old serial value in SOA record: %s", err)
+				}
+			} else {
+				serial = d.Get("serial").(int)
+			}
+			log.Printf("[DEBUG] Set serial number to %d", serial)
+
 			records = append(records,
 				Record{Name: rrSet.Name,
 					Type:    rrSet.Type,
 					TTL:     ttl,
-					Content: recContent.(string),
+					Content: fmt.Sprintf("%s %s %d %d %d %d %d", d.Get("mname"), d.Get("rname"), serial, d.Get("refresh"), d.Get("retry"), d.Get("expire"), d.Get("minimum")),
 					SetPtr:  setPtr})
+		} else {
+			for _, recContent := range recs {
+				records = append(records,
+					Record{Name: rrSet.Name,
+						Type:    rrSet.Type,
+						TTL:     ttl,
+						Content: recContent.(string),
+						SetPtr:  setPtr})
+			}
 		}
 
 		rrSet.Records = records
@@ -132,12 +246,48 @@ func resourcePDNSRecordRead(d *schema.ResourceData, meta interface{}) error {
 	}
 
 	recs := make([]string, 0, len(records))
-	for _, r := range records {
-		recs = append(recs, r.Content)
+	if d.Get("type") == "SOA" {
+		rsplit := strings.Fields(records[0].Content)
+		d.Set("mname", rsplit[0])
+		d.Set("rname", rsplit[1])
+
+		serial, err := strconv.Atoi(rsplit[2])
+		if err != nil {
+			return fmt.Errorf("Failed to parse serial value in SOA record: %s", err)
+		}
+		d.Set("serial", serial)
+
+		refresh, err := strconv.Atoi(rsplit[3])
+		if err != nil {
+			return fmt.Errorf("Failed to parse refresh value in SOA record: %s", err)
+		}
+		d.Set("refresh", refresh)
+
+		retry, err := strconv.Atoi(rsplit[4])
+		if err != nil {
+			return fmt.Errorf("Failed to parse retry value in SOA record: %s", err)
+		}
+		d.Set("retry", retry)
+
+		expire, err := strconv.Atoi(rsplit[5])
+		if err != nil {
+			return fmt.Errorf("Failed to parse expire value in SOA record: %s", err)
+		}
+		d.Set("expire", expire)
+
+		minimum, err := strconv.Atoi(rsplit[6])
+		if err != nil {
+			return fmt.Errorf("Failed to parse minimum value in SOA record: %s", err)
+		}
+		d.Set("minimum", minimum)
+	} else {
+		for _, r := range records {
+			recs = append(recs, r.Content)
+		}
+		d.Set("records", recs)
 	}
-	d.Set("records", recs)
 
-	if len(records) > 0 {
+	if len(records) > 0 || d.Get("Type") == "SOA" {
 		d.Set("ttl", records[0].TTL)
 	}
 

powerdns/resource_powerdns_record_test.go

@@ -444,6 +444,31 @@ func TestAccPDNSRecord_SOA(t *testing.T) {
 	})
 }
 
+func TestAccPDNSRecordSOA_SOA(t *testing.T) {
+	resourceName := "powerdns_record_soa.test-soa2"
+	resourceID := `{"zone":"test-soa2-sysa.xyz.","id":"test-soa2-sysa.xyz.:::SOA"}`
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckPDNSRecordDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testPDNSRecordConfigSOA2,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckPDNSRecordExists(resourceName),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportStateId:     resourceID,
+				ImportState:       false,
+				ImportStateVerify: false,
+			},
+		},
+	})
+}
+
 func testAccCheckPDNSRecordDestroy(s *terraform.State) error {
 	for _, rs := range s.RootModule().Resources {
 		if rs.Type != "powerdns_record" {
@@ -654,3 +679,18 @@ resource "powerdns_record" "test-soa" {
 	ttl = 3600
 	records = [ "something.something. hostmaster.sysa.xyz. 2019090301 10800 3600 604800 3600" ]
 }`
+
+const testPDNSRecordConfigSOA2 = `
+resource "powerdns_record_soa" "test-soa2" {
+	zone = "test-soa2-sysa.xyz."
+	name = "test-soa2-sysa.xyz."
+	type = "SOA"
+	ttl = 3600
+	mname = "ns1.sysa.xyz."
+	rname = "hostmaster.sysa.xyz."
+	serial = 0
+	refresh = 7200
+	retry = 600
+	expire = 1209600
+	minimum = 6400
+}`

website/docs/r/record_soa.html.markdown

@@ -0,0 +1,55 @@
+---
+layout: "powerdns"
+page_title: "PowerDNS: powerdns_record_soa"
+sidebar_current: "docs-powerdns-resource-record-soa"
+description: |-
+  Provides a PowerDNS SOA record resource.
+---
+
+# powerdns\_record
+
+Provides a PowerDNS SOA record resource.
+This is offers an alternative to managing the SOA record of a zone through the generic `powerdns_record`.
+
+## Example Usage
+
+### A record example
+
+```hcl
+resource "powerdns_record_soa" "soa-example_com" {
+  zone    = "example.com."
+  name    = "example.com."
+  type    = "SOA"
+  ttl     = 8600
+  mnme    = "ns1.example.com."
+  rname   = "hostmaster.example.com."
+  serial  = 0
+  refresh = 7200
+  retry   = 600
+  expire  = 1209600
+  minimum = 6400
+
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `zone` - (Required) The name of zone to contain this record.
+* `name` - (Required) The name of the record, typically the same as `zone`.
+* `type` - (Required) The record type, must be `SOA`.
+* `ttl` - (Required) The TTL of the record.
+* `mname` - (Required) SOA MNAME.
+* `rname` - (Required) SOA RNAME.
+* `serial` - (Required) SOA SERIAL - it will only be used for creation of the zone, subsequent changes are expected to use SOA-EDIT-API if a serial number update is desired. Set to `0` if no specific starting serial number is desired, or if the zone to manage already exists.
+* `refresh` - (Required) SOA REFRESH.
+* `retry` - (Required) SOA RETRY.
+* `expire` - (Required) SOA EXPIRE.
+* `minimum` - (Required) SOA MINIMUM.
+
+### Attribute Reference
+
+The id of the resource is a composite of the record name and record type, joined by a separator - `:::`.
+
+For example, record `example.com.` of type `SOA` will be represented with the following `id`: `example.com.:::SOA`