ldraney/pal-e-platform
1
0
Fork 0
Code Issues 104 Pull requests 7 Projects Releases Packages Wiki Activity Actions

Add godaddy-tofu provider to terraform and configure DNS records #435

New issue
Closed
opened 2026-06-14 17:28:06 +00:00 by ldraney · 2 comments
ldraney commented 2026-06-14 17:28:06 +00:00
Owner
Copy link

Type

Feature

Lineage

Related to ldraney/godaddy-tofu #11 (DNS resource — completed).

Repo

ldraney/pal-e-platform

User Story

As a platform operator
I want DNS records managed as IaC in pal-e-platform
So that domain configuration is version-controlled and reproducible

Context

The godaddy-tofu provider is complete (all issues closed, CI active). DNS A records for palinks.app and landscaping-assistant.app currently point to the Hetzner edge VPS at 178.156.129.142 but are managed manually through the GoDaddy console. This ticket brings those records under Tofu management.

The provider is not in any public registry. Use dev_overrides in ~/.terraformrc pointing to the go install output of godaddy-tofu, or copy the binary to the local plugin cache directory.

File Targets

Files the agent should modify or create:

  • terraform/versions.tf -- add godaddy provider to required_providers block
  • terraform/providers.tf -- add provider "godaddy" config block with api_key/api_secret from SOPS secrets
  • terraform/dns.tf (new) -- godaddy_dns_record resources for palinks.app and landscaping-assistant.app A records pointing to 178.156.129.142
  • terraform/variables.tf -- add variables for GoDaddy API credentials

Files the agent should NOT touch:

  • terraform/main.tf -- unrelated infrastructure
  • terraform/k3s.tf -- cluster config, not DNS

Feature Flag

none

Acceptance Criteria

  • When I run tofu plan, then 2 DNS record resources are shown (palinks.app A, landscaping-assistant.app A)
  • When I run tofu apply, then records are created in GoDaddy DNS
  • When I run dig palinks.app and dig landscaping-assistant.app, then both resolve to 178.156.129.142
  • Provider credentials are sourced from SOPS-encrypted secrets, not plaintext

Test Expectations

  • tofu plan succeeds without errors and shows expected resources
  • tofu apply creates records, tofu destroy removes them
  • dig queries confirm correct resolution after apply
  • Run command: cd terraform && tofu plan

Constraints

  • godaddy-tofu provider binary must be available locally — use dev_overrides in ~/.terraformrc or copy to plugin cache
  • Follow existing pal-e-platform terraform patterns for provider configuration and variable naming
  • Prerequisite ldraney/godaddy-tofu #11 (DNS resource CRUD) is satisfied — provider is complete and tested
  • A records must point to 178.156.129.142 (Hetzner edge VPS running Caddy + Tailscale reverse proxy)

Checklist

  • PR opened
  • Tests pass
  • No unrelated changes

Related

  • pal-e-platform -- project this affects
  • ldraney/godaddy-tofu -- custom provider repo
### Type Feature ### Lineage Related to `ldraney/godaddy-tofu #11` (DNS resource — completed). ### Repo `ldraney/pal-e-platform` ### User Story As a platform operator I want DNS records managed as IaC in pal-e-platform So that domain configuration is version-controlled and reproducible ### Context The godaddy-tofu provider is complete (all issues closed, CI active). DNS A records for `palinks.app` and `landscaping-assistant.app` currently point to the Hetzner edge VPS at `178.156.129.142` but are managed manually through the GoDaddy console. This ticket brings those records under Tofu management. The provider is not in any public registry. Use `dev_overrides` in `~/.terraformrc` pointing to the `go install` output of godaddy-tofu, or copy the binary to the local plugin cache directory. ### File Targets Files the agent should modify or create: - `terraform/versions.tf` -- add godaddy provider to `required_providers` block - `terraform/providers.tf` -- add `provider "godaddy"` config block with api_key/api_secret from SOPS secrets - `terraform/dns.tf` (new) -- `godaddy_dns_record` resources for palinks.app and landscaping-assistant.app A records pointing to 178.156.129.142 - `terraform/variables.tf` -- add variables for GoDaddy API credentials Files the agent should NOT touch: - `terraform/main.tf` -- unrelated infrastructure - `terraform/k3s.tf` -- cluster config, not DNS ### Feature Flag none ### Acceptance Criteria - [ ] When I run `tofu plan`, then 2 DNS record resources are shown (palinks.app A, landscaping-assistant.app A) - [ ] When I run `tofu apply`, then records are created in GoDaddy DNS - [ ] When I run `dig palinks.app` and `dig landscaping-assistant.app`, then both resolve to 178.156.129.142 - [ ] Provider credentials are sourced from SOPS-encrypted secrets, not plaintext ### Test Expectations - [ ] `tofu plan` succeeds without errors and shows expected resources - [ ] `tofu apply` creates records, `tofu destroy` removes them - [ ] `dig` queries confirm correct resolution after apply - Run command: `cd terraform && tofu plan` ### Constraints - godaddy-tofu provider binary must be available locally — use `dev_overrides` in `~/.terraformrc` or copy to plugin cache - Follow existing pal-e-platform terraform patterns for provider configuration and variable naming - Prerequisite `ldraney/godaddy-tofu #11` (DNS resource CRUD) is satisfied — provider is complete and tested - A records must point to `178.156.129.142` (Hetzner edge VPS running Caddy + Tailscale reverse proxy) ### Checklist - [ ] PR opened - [ ] Tests pass - [ ] No unrelated changes ### Related - `pal-e-platform` -- project this affects - `ldraney/godaddy-tofu` -- custom provider repo
ldraney commented 2026-06-14 20:22:42 +00:00
Author
Owner
Copy link

Scope Review: NEEDS_REFINEMENT

Review note: review-1462-2026-06-14

File targets are incomplete and one is misleading -- required_providers lives in versions.tf, not providers.tf. Secrets path is too vague for an agent to act on. Arch traceability gap: arch:pal-e-platform label has no backing note.

  • [BODY] Add terraform/versions.tf, terraform/variables.tf, and terraform/secrets.auto.tfvars.example to File Targets
  • [BODY] Clarify provider binary installation method (dev_overrides or go install)
  • [BODY] Update Constraints -- godaddy-tofu #11 is now closed
  • [LABEL] Change arch:pal-e-platform to arch:godaddy-tofu (note exists), or [SCOPE] create arch-pal-e-platform note
## Scope Review: NEEDS_REFINEMENT Review note: `review-1462-2026-06-14` File targets are incomplete and one is misleading -- `required_providers` lives in `versions.tf`, not `providers.tf`. Secrets path is too vague for an agent to act on. Arch traceability gap: `arch:pal-e-platform` label has no backing note. - `[BODY]` Add `terraform/versions.tf`, `terraform/variables.tf`, and `terraform/secrets.auto.tfvars.example` to File Targets - `[BODY]` Clarify provider binary installation method (dev_overrides or go install) - `[BODY]` Update Constraints -- godaddy-tofu #11 is now closed - `[LABEL]` Change `arch:pal-e-platform` to `arch:godaddy-tofu` (note exists), or `[SCOPE]` create `arch-pal-e-platform` note
ldraney commented 2026-06-14 20:29:12 +00:00
Author
Owner
Copy link

Scope Review: APPROVED

Review note: review-1462-2026-06-14-r2
Re-review after refinement -- all 4 findings from initial review addressed. Template complete, file targets verified against live repo, dependencies satisfied, acceptance criteria testable. Ready for implementation.

Non-blocking acknowledged gap: no arch-pal-e-platform note exists (platform-wide gap, tracked separately).

## Scope Review: APPROVED Review note: `review-1462-2026-06-14-r2` Re-review after refinement -- all 4 findings from initial review addressed. Template complete, file targets verified against live repo, dependencies satisfied, acceptance criteria testable. Ready for implementation. Non-blocking acknowledged gap: no `arch-pal-e-platform` note exists (platform-wide gap, tracked separately).
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
fix-dashboard-metric-names
netpol-westside-ror
spec-board-centric-renderer
457-add-dns-and-caddy-config-for-myvibes-wor
411-remove-deprecated-pal-e-app-references-f
412-remove-deprecated-westside-admin-referen
fix-gem-bin-path
fix-woodpecker-multi-pipeline
345-harbor-mobile-css
290-payment-pipeline-observability
284-fix-add-pal-e-docs-namespace-to-postgres
284-add-pal-e-docs-postgres-netpol
188-cross-repo-worktree-isolation-for-parall
111-fix-keycloak-probe
86-fix-rotate-woodpecker-api-token-in-salt
71-feat-deploy-pyrra-slo-manager-with-servi
64-hotfix-woodpecker-oauth-login-broken-for
18-fix-grafana-duplicate-default-datasource-v2
18-fix-grafana-duplicate-default-datasource
13-fix-cnpg-all-parameters
No results found.
Labels
Clear labels   
domain:backend

   
domain:devops

   
domain:frontend

   
status:approved

QA passed, awaiting merge approval

  
status:in-progress

Dev agent is actively working

  
status:needs-fix

QA found issues, back to dev

  
status:qa

PR submitted, awaiting QA review

  
type:bug

Bug fix

  
type:devops

Infrastructure/CI/config work

  
type:feature

New functionality

No labels
domain:backend
domain:devops
domain:frontend
status:approved
status:in-progress
status:needs-fix
status:qa
type:bug
type:devops
type:feature
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
ldraney/pal-e-platform#435
No description provided.