search

octodns / octodns-cloudflare

Cloudflare DNS provider for octoDNS
MIT License
24 stars 17 forks source link

Race condition when creating NS and DS records at the "same" time. #102

Closed elidhu closed 1 month ago

elidhu commented 1 month ago

The Cloudflare API will not allow the creation of a DS record before an NS record is created.

I can't see a way around this other than to account for the ordering in the provider.

* example (CloudflareProvider)
*   Create <DsRecord DS 300, dev.example.com., ['2371 13 2 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'], {'example': {'auto-ttl': True}}> (staging)
*   Create <NsRecord NS 300, dev.example.com., ['ns1.example.com.', 'ns2.example.com.'], {'example': {'auto-ttl': True}}> (staging)
*   Summary: Creates=2, Updates=0, Deletes=0, Existing Records=0
Traceback (most recent call last):
  File "/Users/snip/venv/bin/octodns-sync", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/Users/snip/venv/lib/python3.12/site-packages/octodns/cmds/sync.py", line 62, in main
    manager.sync(
  File "/Users/snip/venv/lib/python3.12/site-packages/octodns/manager.py", line 857, in sync
    total_changes += target.apply(plan)
                     ^^^^^^^^^^^^^^^^^^
  File "/Users/snip/venv/lib/python3.12/site-packages/octodns/provider/base.py", line 298, in apply
    self._apply(plan)
  File "/Users/snip/venv/lib/python3.12/site-packages/octodns_cloudflare/__init__.py", line 1107, in _apply
    getattr(self, f'_apply_{class_name}')(change)
  File "/Users/snip/venv/lib/python3.12/site-packages/octodns_cloudflare/__init__.py", line 920, in _apply_Create
    self._try_request('POST', path, data=content)
  File "/Users/snip/venv/lib/python3.12/site-packages/octodns_cloudflare/__init__.py", line 131, in _try_request
    return self._request(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/snip/venv/lib/python3.12/site-packages/octodns_cloudflare/__init__.py", line 154, in _request
    raise CloudflareError(resp.json())
octodns_cloudflare.CloudflareError: DNS Validation Error
ross commented 1 month ago

Interesting. It should be possible for octodns-cloudflare to sort changes it sees in a plan to make sure that NS record creates come before DS records. I haven't heard of any other providers having this problems so it seems like something that should happen in this provider and not in octoDNS core.

Guessing this also means that you can't create a DS record w/o a corresponding NS record at all. Just tried that in a couple other providers and was able to create the DS so I don't think this should be a validation in octoDNS core and probably needs to be something that octodns-cloudflare flags as well.