Add CNAME resolution tree (CNAME recursivity) to the dns_cname_record…

[hightoxicity]

…_set datasource

It is actually hard to achieve recursivity with Terraform.
If at some time we want to follow a CNAME tree in Terraform it is near impossible to do it dynamically and find final leaf.

This feature would allow to get a CNAME full path to final leaf CNAME and allow to use those intermediate found elements to do some ops, here in Docusign, we need to know if one of those intermediate element cross a host that has "akadns.net." suffix (akamai global traffic management property) to add some controls to our Terraform GTM Automation.

I put one of our record to test, but we need to get a similar fixture record under hashicorptest.com and adapt the test for this.

Thx for your help/review/feedback

[hashicorp-cla]

All committers have signed the CLA.

[bflad]

Hi @hightoxicity 👋 Thank you for submitting this. Interesting use case -- would you be able to open a feature request that describes the "why" of this a little better please? e.g.

• Your DNS record structure (it sounds like potentially CNAME -> CNAME -> A/AAAA)
• Why traversing it is necessary from a DNS record perspective (over using other information, such as managed resources that would be directly causing the intermediate records to be exist)
• What is not possible or easy in your Terraform configuration today (psuedo-config is okay)
• What the updated configuration with this enhancement will make possible

From a design perspective, another thing I'd like to poke at is whether it is more or less confusing to have a resource that does both a single lookup (cname attribute) and recursive lookup (cname_tree attribute), versus offering a separate resource that is intentionally setup for recursive lookups. Practitioners/environments may not be expecting this behavior by default. It is likely okay to bake it into the existing resource, but there might be other considerations, such as potential configurations or implementation details necessary to limit recursion should there be cyclical resource records and other edge cases that recursion introduces.

In the meantime, if anyone else is interested in this use case, please 👍 on the original PR description which can help us with prioritization.

[hightoxicity]

Hi @hightoxicity 👋 Thank you for submitting this. Interesting use case -- would you be able to open a feature request that describes the "why" of this a little better please? e.g.

• Your DNS record structure (it sounds like potentially CNAME -> CNAME -> A/AAAA)
• Why traversing it is necessary from a DNS record perspective (over using other information, such as managed resources that would be directly causing the intermediate records to be exist)
• What is not possible or easy in your Terraform configuration today (psuedo-config is okay)
• What the updated configuration with this enhancement will make possible

From a design perspective, another thing I'd like to poke at is whether it is more or less confusing to have a resource that does both a single lookup (cname attribute) and recursive lookup (cname_tree attribute), versus offering a separate resource that is intentionally setup for recursive lookups. Practitioners/environments may not be expecting this behavior by default. It is likely okay to bake it into the existing resource, but there might be other considerations, such as potential configurations or implementation details necessary to limit recursion should there be cyclical resource records and other edge cases that recursion introduces.

In the meantime, if anyone else is interested in this use case, please 👍 on the original PR description which can help us with prioritization.

Hi @bflad , thanks for your very qualitative and fast inputs, it seems like a great idea to create a new datasource for this special usecase, I am about to close this PR and replace it by #390 that I think is cleaner and I will fill all the information you need in this new PR in coming days.

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.