Add SOA to root-level record deletion exception

[rtokarek-fastly]

Added SOA to the google_dns_record_set types that are faux-deleted.

When trying to delete record-sets that are managed by terraform, some types can't actually be deleted by DNS and API restrictions. The code previously only pretended deletes for root-level NS records. This change adds SOA to that behavior so that terraform delete/destroy can function properly when SOA is explicitly managed.

(It doesn't make sense to delete the Start Of Authority (SOA) or root-level NS records by themselves as they're fundamental to the zone construct – their value can be changed, but they must exist for the zone itself to exist.)

This problem would only manifest when managing SOA as a google_dns_record_set resource in terraform with custom values. If left unspecified/implied (default) as part of the zone resource, the zone resource already correctly bypasses deletion of the SOA record on deletion.

See issue hashicorp/terraform-provider-google#12827

This PR is for Terraform, and I acknowledge that I have:

• Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
• Generated Terraform, and ran make test and make lint to ensure it passes unit and linter tests. See below
• Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
• Ran relevant acceptance tests (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know). **Tests not run successfully. I'm not sure if there is a better branch to choose from that would have succeeded.
• Read the Release Notes Guide before writing my release note below.

I did build the terraform-provider-google successfully, but make test and lint in the resultant provider failed due to google/resource_compute_subnetwork.go:39:22: undefined: cidr issues (not any code I touched). main (without my change) make test fails for me (possibly, my dev environment is not correct). I reached a limit with how much I was willing to pursue tests on my own given the 2 line of code proposed change.

I have not run acceptance tests as earlier tests failed. I'm willing to give it another go.

Release Note Template for Downstream PRs (will be copied)

dns: Fixed deletion of managed SOA `google_dns_record_set` resources to match the short-circuited delete behavior of root-level NS records. 

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[modular-magician]

Hello! I am a robot who works on Magic Modules PRs.

I've detected that you're a community contributor. @melinath, a repository maintainer, has been assigned to assist you and help review your changes.

❓ First time contributing? Click here for more details

---

Your assigned reviewer will help review your code by:

• Ensuring it's backwards compatible, covers common error cases, etc.
• Summarizing the change into a user-facing changelog note.
• Passes tests, either our "VCR" suite, a set of presubmit tests, or with manual test runs.

You can help make sure that review is quick by running local tests and ensuring they're passing in between each push you make to your PR's branch. Also, try to leave a comment with each push you make, as pushes generally don't generate emails.

If your reviewer doesn't get back to you within a week after your most recent change, please feel free to leave a comment on the issue asking them to take a look! In the absence of a dedicated review dashboard most maintainers manage their pending reviews through email, and those will sometimes get lost in their inbox.

---

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 1 file changed, 8 insertions(+), 9 deletions(-))
Terraform Beta: Diff ( 1 file changed, 8 insertions(+), 9 deletions(-))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[modular-magician]

Tests analytics

Total tests: 2196
Passed tests 1952
Skipped tests: 239
Failed tests: 5

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests

TestAccFirebaserulesRelease_BasicRelease|TestAccBigtableAppProfile_bigtableAppProfileSingleclusterExample|TestAccBigtableAppProfile_bigtableAppProfileAnyclusterExample|TestAccBigtableAppProfile_bigtableAppProfileMulticlusterExample|TestAccBigQueryDataTable_bigtable

[modular-magician]

Tests passed during RECORDING mode:
TestAccFirebaserulesRelease_BasicRelease[Debug log]
TestAccBigtableAppProfile_bigtableAppProfileSingleclusterExample[Debug log]
TestAccBigtableAppProfile_bigtableAppProfileAnyclusterExample[Debug log]
TestAccBigtableAppProfile_bigtableAppProfileMulticlusterExample[Debug log]
TestAccBigQueryDataTable_bigtable[Debug log]

All tests passed
View the build log or the debug log for each test

[melinath]

Confirmed via the product docs that this behavior is the same for NS and SOA records: https://cloud.google.com/dns/docs/records#remove_a_record

Could you please add a test for SOA behavior that would've caught this? Probably similar to TestAccDNSRecordSet_secondaryNS

[melinath]

re-marking as changes requested since there's still more work to do from the previous review.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 1 file changed, 8 insertions(+), 9 deletions(-))
Terraform Beta: Diff ( 1 file changed, 8 insertions(+), 9 deletions(-))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[modular-magician]

Tests analytics

Total tests: 2240
Passed tests 1999
Skipped tests: 241
Failed tests: 0

All tests passed in REPLAYING mode
View the build log

[niklas-dah-gcx]

Hi @melinath, since this PR is stale:
Would a PR which fixes this issue be welcome if the corresponding tests and docs are added/changed?

[melinath]

yep!

[melinath]

assuming this is still an issue.

[mario-steinhoff-gcx]

assuming this is still an issue.

@melinath yeah, we just ran into it :D

[NiklasDah]

This has been merged in #10559, thus this PR can be closed, right?

Thanks for the smooth and straight forward process @SarahFrench!

[melinath]

seems like it!