search

akamai / terraform-provider-akamai

Terraform Akamai provider
https://www.terraform.io/docs/providers/akamai/
Mozilla Public License 2.0
109 stars 96 forks source link

DNS TXT records get sorted breaking public key order #559

Closed remibergsma closed 2 months ago

remibergsma commented 3 months ago

Terraform and Akamai Terraform Provider Versions

1.8.5

Affected Resource(s)

Please list the resources as a list, for example:

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

Happens in all cases, due to sort method on this line: https://github.com/akamai/terraform-provider-akamai/blob/86da2eeee4d9b78e57aaa78b5135b1d216bd1309/pkg/providers/dns/data_dns_record_set.go#L84

Debug Output

None

Panic Output

None

Expected Behavior

TXT records should be created in the order as specified and not sorted.

Actual Behavior

TXT records are sorted (due to https://github.com/akamai/terraform-provider-akamai/blob/86da2eeee4d9b78e57aaa78b5135b1d216bd1309/pkg/providers/dns/data_dns_record_set.go#L84)

Steps to Reproduce

Create TXT record with multiple targets. We use this to specify DKIM public keys. Since only 1024 bit keys fit on a single entry, when using 2048bit keys one needs to put them over multiple targets. Starting with the "v=DKIM1" line, and then the exact order as specified.

Example code:

provider "akamai" { edgerc = "~/.edgerc" # path to your .edgerc file with credentials edgerc_section = "default" # section in .edgerc file to use }

resource "akamai_dns_zone" "example_zone" { zone = "example.com" }

resource "akamai_dns_record" "dkim_txt_record" { zone = akamai_dns_zone.example_zone.zone name = "selector1._domainkey.example.com" type = "TXT" ttl = 300

The DKIM public key split into 255 character chunks, wrapped in quotes and separated by a space

target = "\"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dF6Q...\" " "\"ZZZZ...b6r0jqmVz0f34kz3QnupRJqdlh...\" " "\"AAAA...iDfOckf1TIwIDAQAB\"" }

output "dns_record_id" { value = akamai_dns_record.dkim_txt_record.id }

Note that the record gets created, but that part AAA of the key (which is supposed to be at the end) is now sorted. This is obviously breaking the public key.

Important Factoids

None

References

mstojanowski commented 3 months ago

Hi @remibergsma

Thank you for reporting this. It's under investigation. We will get back to you soon.

Regard, Marcin

mgwoj commented 2 months ago

Hi @remibergsma, this issue should be fixed in the recent release.

remibergsma commented 1 month ago

Awesome, thanks @mgwoj !