search

infobloxopen / terraform-provider-infoblox

Infoblox NIOS Terraform Provider
https://github.com/infobloxopen/terraform-provider-infoblox
Mozilla Public License 2.0
67 stars 72 forks source link

How to split / quote TXT-records correctly? / possible quoting issue #344

Closed ppuschmann closed 2 months ago

ppuschmann commented 2 months ago

Hi there,

I'm trying to configure longer TXT-records like this:

resource "infoblox_txt_record" "rd__domainkey_example_com_TXT_1" {
  comment  = "managed by TF"
  dns_view = "MyView"
  fqdn     = "rd._domainkey.example.com"
  text     = "\"v=DKIM1; p=MIIBIjv/v/g+Nn/ZIp161m2/Eeh\" \"Te9TbwgtNf/eZhVC0+g+9bBQQcAe676/0XjSeqN/g/g/gRPX7/Q/b+h\""
  ttl      = 3600
}

I then always get this diff with terraform plan or terraform apply:

# infoblox_txt_record.rd__domainkey_example_com_TXT_1 will be updated in-place
  ~ resource "infoblox_txt_record" "rd__domainkey_example_com_TXT_1" {
        id       = "record:txt/<some-id>:rd._domainkey.example.com/MyView"
      ~ text     = "\"v=DKIM1; p=MIIBIjv/v/g+Nn/ZIp161m2/Eeh\" Te9TbwgtNf/eZhVC0+g+9bBQQcAe676/0XjSeqN/g/g/gRPX7/Q/b+h" -> "\"v=DKIM1; p=MIIBIjv/v/g+Nn/ZIp161m2/Eeh\" \"Te9TbwgtNf/eZhVC0+g+9bBQQcAe676/0XjSeqN/g/g/gRPX7/Q/b+h\""
        # (4 unchanged attributes hidden)
    }

which is:

"\"v=DKIM1; p=MIIBIjv/v/g+Nn/ZIp161m2/Eeh\" Te9TbwgtNf/eZhVC0+g+9bBQQcAe676/0XjSeqN/g/g/gRPX7/Q/b+h"
against
"\"v=DKIM1; p=MIIBIjv/v/g+Nn/ZIp161m2/Eeh\" \"Te9TbwgtNf/eZhVC0+g+9bBQQcAe676/0XjSeqN/g/g/gRPX7/Q/b+h\""

Setting the desired value via the web-interface show, that only the first block is quoted: image

Which leads to the conclusion that there might be a bug in our Infoblox version or do I really have to split the TXT-record into multiple records like the documentation suggests?

The actual Question is: how can I solve this? Is there any workaround?

Current environment:

ppuschmann commented 2 months ago

For readers of this: "Of course" the original problem is the character-limit of 255 characters per entry in TXT-records.

So the orginal example should be:

resource "infoblox_txt_record" "rd__domainkey_example_com_TXT_1" {
  comment  = "managed by TF"
  dns_view = "MyView"
  fqdn     = "rd._domainkey.example.com"
  text     = "\"<first-255-characters>\" \"<second-255-characters>\""
  ttl      = 3600
}

Reading some documentation I found out that other DNS server do this:

<first-255-characters><second-255-characters>

It turns out that this is the way Infoblox wants to have a separation of the single 255 character chunks:

<first-255-characters> <second-255-characters>
resource "infoblox_txt_record" "rd__domainkey_example_com_TXT_1" {
  comment  = "managed by TF"
  dns_view = "MyView"
  fqdn     = "rd._domainkey.example.com"
  text     = <first-255-characters> <second-255-characters>
  ttl      = 3600
}

--> Mind the space.