DNS settings not applied on creation of network resource

[valiac]

Summary

When settings DNS server & domain on a new network using the zerotier_network resource provided by this provider, the DNS settings are lost on the initial creation of the network.
Terraform seems to think the changes went through, saves the DNS settings to state & reports success, but the DNS settings are not reflected in the Central UI.
When running terraform plan a second time after creating the network, terraform warns about changes that happened outside of terraform & removed the DNS settings and plans applying them again. Only after running terraform apply a second time after the network has already been created, the DNS settings are permanently applied.

expected behaviour

DNS settings are applied on network creation and subsequent terraform plan outputs:

module.this["setting_dns"].zerotier_network.this: Refreshing state... [id=xxx]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

observed behaviour

DNS settings are not applied on network creation and subsequent terraform plan outputs:

module.this["setting_dns"].zerotier_network.this: Refreshing state... [id=xxx]

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:

  # module.this["setting_dns"].zerotier_network.this has changed
  ~ resource "zerotier_network" "this" {
        id               = "xxx"
        name             = "setting_dns"
        # (6 unchanged attributes hidden)

      - dns {
          - domain  = "example.com" -> null
          - servers = [
              - "10.10.10.1",
              - "10.10.10.2",
            ] -> null
        }
      + dns {
          + servers = []
        }

        # (4 unchanged blocks hidden)
    }


Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan
may include actions to undo or respond to these changes.

───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.this["setting_dns"].zerotier_network.this will be updated in-place
  ~ resource "zerotier_network" "this" {
        id               = "xxx"
        name             = "setting_dns"
        # (6 unchanged attributes hidden)

      - dns {
          - servers = [] -> null
        }
      + dns {
          + domain  = "example.com"
          + servers = [
              + "10.10.10.1",
              + "10.10.10.2",
            ]
        }

        # (4 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

How to reproduce

1. Create a network including the following block using the zerotier_network resource

  dns {
    domain = "example.com"
    servers = [
      "10.10.10.1",
      "10.10.10.2"
    ]
  }

2. terraform apply
3. check the new network in Zerotier Central UI for DNS settings
4. terraform plan
5. terraform apply again

Other Samples

Output of terraform --version

❯  terraform --version
Terraform v1.8.5
on darwin_arm64
+ provider registry.terraform.io/zerotier/zerotier v1.4.2

for reference here is the plan output on first apply where the network is created (changes to outputs omitted)

  # module.this["setting_dns"].zerotier_network.this will be created
  + resource "zerotier_network" "this" {
      + creation_time    = (known after apply)
      + description      = "Hello Zerotier!"
      + enable_broadcast = true
      + flow_rules       = "accept;"
      + id               = (known after apply)
      + multicast_limit  = 32
      + name             = "setting_dns"
      + private          = true

      + assign_ipv4 {
          + zerotier = true
        }

      + assign_ipv6 {
          + rfc4193  = true
          + sixplane = false
          + zerotier = true
        }

      + assignment_pool {
          + end   = "10.9.76.255"
          + start = "10.9.76.1"
        }

      + dns {
          + domain  = "example.com"
          + servers = [
              + "10.10.10.1",
              + "10.10.10.2",
            ]
        }

      + route {
          + target = "10.9.76.0/24"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

... and the result:

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

this = {
  "setting_dns" = {
    "assign_ipv4" = toset([
      {
        "zerotier" = true
      },
    ])
    "assign_ipv6" = toset([
      {
        "rfc4193" = true
        "sixplane" = false
        "zerotier" = true
      },
    ])
    "assignment_pool" = toset([
      {
        "end" = "10.9.76.255"
        "start" = "10.9.76.1"
      },
    ])
    "creation_time" = 1718723320568
    "description" = "Hello Zerotier!"
    "dns" = toset([
      {
        "domain" = "example.com"
        "servers" = tolist([
          "10.10.10.1",
          "10.10.10.2",
        ])
      },
    ])
    "enable_broadcast" = true
    "flow_rules" = "accept;"
    "id" = "xxx"
    "multicast_limit" = 32
    "name" = "setting_dns"
    "private" = true
    "route" = toset([
      {
        "target" = "10.9.76.0/24"
        "via" = ""
      },
    ])
  }
}

[valiac]

@someara

[someara]

Supported added in go-ztcentral v0.6.0.
Will come around for this within a couple days