When having a playbook with TLSA records in it, you can run it the first time, where it creates the record, but the second time you run the exact same playbook Cloudflare returns: "API bad request; Status: 400; Method: POST: Call: /zones/xxx/dns_records".
I can delete the record manually and then run the same playbook and the TLSA record is then recreated without problems.
---
- name: Manage Cloudflare DNS for f5xc.cloud
  hosts: localhost
  gather_facts: no
  vars:
    cloudflare_api_token: "xxx"
  tasks:
    - name: Create a TLSA record
      community.general.cloudflare_dns:
        zone: f5xc.cloud
        record: mail
        port: 25
        proto: tcp
        ttl: 1
        type: TLSA
        cert_usage: 3
        selector: 1
        hash_type: 1
        value: ca0670673bbb30160xxxx0b44bebb3b866881c9b8d4
        state: present
        api_token: "{{ cloudflare_api_token }}"
Expected Results
Playbook runs successfully without any changes.
Actual Results
PLAY [Manage Cloudflare DNS for f5xc.cloud] *********************************************************************************************************************************************************************************************
TASK [Create an A record for 'f5xc.cloud'] **********************************************************************************************************************************************************************************************
ok: [localhost]
TASK [Create a CAA record for 'f5xc.cloud'] *********************************************************************************************************************************************************************************************
ok: [localhost]
TASK [Create an CNAME record for '*.f5xc.cloud'] ****************************************************************************************************************************************************************************************
ok: [localhost]
TASK [Create an MX record for 'f5xc.cloud'] *********************************************************************************************************************************************************************************************
ok: [localhost]
TASK [Create a TXT record for 'f5xc.cloud'] *********************************************************************************************************************************************************************************************
ok: [localhost]
TASK [Create an SRV ] ***************************************************************************************************************************************************************************
ok: [localhost]
TASK [Create a TLSA record ] *************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "API bad request; Status: 400; Method: POST: Call: /zones/xxx/dns_records"}
PLAY RECAP ******************************************************************************************************************************************************************************************************************************
localhost : ok=6 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Issue Type
Bug Report
Component Name
cloudflare_dns
OS / Environment
Ubuntu 22.04
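The expected result in this report (a second run that reports no change) requires recognizing the already-present TLSA record before any POST is sent. The Python below is an added example, not part of the original report and not the cloudflare_dns module's code: it compares a desired TLSA record against a constructed record listing and decides between "ok" and "create". The function names, the certificate value and the shape of the listed record (a `data` object with `usage`, `selector`, `matching_type` and `certificate`) are assumptions made for illustration.

```python
# Added example; all names and sample data are hypothetical/constructed.

def tlsa_name(record, port, proto, zone):
    """Owner name of a TLSA record: _<port>._<proto>.<host>."""
    host = zone if record in ("@", zone) else f"{record}.{zone}"
    return f"_{port}._{proto}.{host}".lower().rstrip(".")


def same_tlsa(existing, desired):
    """True when an existing listed record carries the same TLSA data."""
    data = existing.get("data", {})
    return (
        existing.get("type") == "TLSA"
        and existing.get("name", "").lower().rstrip(".") == desired["name"]
        and int(data.get("usage", -1)) == desired["usage"]
        and int(data.get("selector", -1)) == desired["selector"]
        and int(data.get("matching_type", -1)) == desired["matching_type"]
        # Hex digests compare case-insensitively.
        and str(data.get("certificate", "")).lower()
        == desired["certificate"].lower()
    )


def plan(existing_records, desired):
    """Return 'ok' when nothing must change, otherwise 'create'.

    Several TLSA records may share one owner name (e.g. during a
    certificate rollover), so a record with different data is not
    treated as an update of the existing one.
    """
    if any(same_tlsa(r, desired) for r in existing_records):
        return "ok"
    return "create"


# Constructed sample: digest is a placeholder, not a real certificate hash.
DIGEST = "ab" * 32
DESIRED = {
    "name": tlsa_name("mail", 25, "tcp", "f5xc.cloud"),
    "usage": 3, "selector": 1, "matching_type": 1, "certificate": DIGEST,
}
LISTING = [{
    "type": "TLSA", "name": "_25._tcp.mail.f5xc.cloud",
    "data": {"usage": 3, "selector": 1, "matching_type": 1,
             "certificate": DIGEST.upper()},
}]

if __name__ == "__main__":
    print(plan(LISTING, DESIRED))  # second run: record already present
    print(plan([], DESIRED))       # first run: record must be created
```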