Upgrade External DNS to v0.16.1, add DNSEndpoint CRD support

external-dns/atproto-txt.yaml

@@ -0,0 +1,11 @@
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+  name: atproto-txt
+spec:
+  endpoints:
+  - dnsName: _atproto.hashbang.sh
+    recordTTL: 60
+    recordType: TXT 
+    targets:
+    - 'did=did:plc:d5vnrky4rxilzxou6get5tlt'

external-dns/crd.yaml

@@ -0,0 +1,101 @@
+# https://github.com/kubernetes-sigs/external-dns/blob/cc937a36aa29b2f105788bbc98494a4c06449cd3/docs/sources/crd/crd-manifest.yaml
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    api-approved.kubernetes.io: https://github.com/kubernetes-sigs/external-dns/pull/2007
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: dnsendpoints.externaldns.k8s.io
+spec:
+  group: externaldns.k8s.io
+  names:
+    kind: DNSEndpoint
+    listKind: DNSEndpointList
+    plural: dnsendpoints
+    singular: dnsendpoint
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: DNSEndpointSpec defines the desired state of DNSEndpoint
+            properties:
+              endpoints:
+                items:
+                  description: Endpoint is a high-level way of a connection between
+                    a service and an IP
+                  properties:
+                    dnsName:
+                      description: The hostname of the DNS record
+                      type: string
+                    labels:
+                      additionalProperties:
+                        type: string
+                      description: Labels stores labels defined for the Endpoint
+                      type: object
+                    providerSpecific:
+                      description: ProviderSpecific stores provider specific config
+                      items:
+                        description: ProviderSpecificProperty holds the name and value
+                          of a configuration which is specific to individual DNS providers
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                        type: object
+                      type: array
+                    recordTTL:
+                      description: TTL for the record
+                      format: int64
+                      type: integer
+                    recordType:
+                      description: RecordType type of record, e.g. CNAME, A, AAAA,
+                        SRV, TXT etc
+                      type: string
+                    setIdentifier:
+                      description: Identifier to distinguish multiple records with
+                        the same name and type (e.g. Route53 records with routing
+                        policies other than 'simple')
+                      type: string
+                    targets:
+                      description: The targets the DNS record points to
+                      items:
+                        type: string
+                      type: array
+                  type: object
+                type: array
+            type: object
+          status:
+            description: DNSEndpointStatus defines the observed state of DNSEndpoint
+            properties:
+              observedGeneration:
+                description: The generation observed by the external-dns controller.
+                format: int64
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}

external-dns/kustomization.yaml

@@ -4,13 +4,16 @@ namespace: external-dns
 commonLabels:
   app.kubernetes.io/name: external-dns
 resources:
+- crd.yaml
 - resources.yaml
 - networkpolicy.yaml
 - service-monitor.yaml
+# Enable when AWS TXT records supported
+# - atproto-txt.yaml
 patches:
 - path: aws_credentials.yaml
 generators:
 - secret-generator.yaml
 images:
 - name: registry.k8s.io/external-dns/external-dns
-  newTag: v0.15.1@sha256:4f3ba4c2bd28030caad05bb7b47fbf47549a46d5e8443b74f0be463550b4fc2b
+  newTag: v0.16.1@sha256:37d3a7a05c4638b8177382b80a627c223bd84a53c1a91be137245bd3cfdf9986

external-dns/resources.yaml

@@ -21,6 +21,13 @@ rules:
 - apiGroups: [""]
   resources: ["nodes"]
   verbs: ["watch", "list"]
+# Rules for DNS Endpoints CRD
+- apiGroups: ["externaldns.k8s.io"]
+  resources: ["dnsendpoints"]
+  verbs: ["get","watch","list"]
+- apiGroups: ["externaldns.k8s.io"]
+  resources: ["dnsendpoints/status"]
+  verbs: ["*"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
@@ -55,6 +62,11 @@ spec:
         - --provider=aws
         - --txt-owner-id=digitalocean-hashbang
         - --txt-prefix=_owner.
+        - --source=crd
+        - --domain-filter=hashbang.sh
+        - --managed-record-types=A
+        - --managed-record-types=CNAME
+        - --managed-record-types=TXT
         ports:
         - containerPort: 7979
           name: metrics