What happened:
Currently the provider secret for rfc2136 expects TSIGSecret to be set to the base64 decoded version of the TSIG key.
While it base64 encodes the secret during runtime.
What you expected to happen:
no decoding and reencoding.
How to reproduce it (as minimally and precisely as possible):
Generate a tsig Key. tsig-keygen -a HMAC-SHA256 mykey:
What happened: Currently the provider secret for rfc2136 expects TSIGSecret to be set to the base64 decoded version of the TSIG key. While it base64 encodes the secret during runtime.
What you expected to happen: no decoding and reencoding.
How to reproduce it (as minimally and precisely as possible):
Generate a tsig Key.
tsig-keygen -a HMAC-SHA256 mykey
:Configure it on the DNS server
Create the rfc2136 provider secret:
Create DNSProvider and DNSEntry
Anything else we need to know:
Environment: external-dns-management v0.16.0 as well as on master. kubernetes 1.26