feat(dns): implement NSX Project DNS record service

- Implement DNSRecordService for NSX ProjectDnsRecord CRUD operations
- Validate hostnames against VPCNetworkConfiguration allowed DNS zones
- Wrap hostname-mismatch error as DNSZoneValidationError for accurate
  DNSRecordReady condition reporting

Author: wenyingd

go.mod

@@ -39,6 +39,7 @@ require (
 	go.uber.org/automaxprocs v1.6.0
 	go.uber.org/zap v1.27.1
 	golang.org/x/crypto v0.50.0
+	golang.org/x/net v0.53.0
 	golang.org/x/sync v0.20.0
 	golang.org/x/time v0.14.0
 	gopkg.in/ini.v1 v1.67.1
@@ -108,7 +109,6 @@ require (
 	go.yaml.in/yaml/v2 v2.4.4 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
 	golang.org/x/mod v0.35.0 // indirect
-	golang.org/x/net v0.53.0 // indirect
 	golang.org/x/oauth2 v0.36.0 // indirect
 	golang.org/x/sys v0.43.0 // indirect
 	golang.org/x/term v0.42.0 // indirect

pkg/clean/clean.go

@@ -12,6 +12,7 @@ import (
 	"github.com/vmware-tanzu/nsx-operator/pkg/logger"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/common"
+	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/dns"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/inventory"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/ipaddressallocation"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/nsxserviceaccount"
@@ -115,6 +116,10 @@ func InitializeCleanupService(cf *config.NSXOperatorConfig, nsxClient *nsx.Clien
 	if err != nil {
 		return nil, err
 	}
+	dnsRecordService, err := dns.InitializeDNSRecordService(commonService, vpcService)
+	if err != nil {
+		return nil, err
+	}
 	subnetPortService, err := subnetport.InitializeSubnetPort(commonService, vpcService, ipAddressAllocationService)
 	if err != nil {
 		return nil, err
@@ -155,6 +160,11 @@ func InitializeCleanupService(cf *config.NSXOperatorConfig, nsxClient *nsx.Clien
 			return ipAddressAllocationService, nil
 		}
 	}
+	wrapInitializeDNSRecordService := func(service common.Service) cleanupFunc {
+		return func() (interface{}, error) {
+			return dnsRecordService, nil
+		}
+	}
 	wrapInitializeSubnetBinding := func(service common.Service) cleanupFunc {
 		return func() (interface{}, error) {
 			return subnetbinding.InitializeService(service)
@@ -213,6 +223,7 @@ func InitializeCleanupService(cf *config.NSXOperatorConfig, nsxClient *nsx.Clien
 	loggedAdd("StaticRoute", wrapInitializeStaticRoute(commonService))
 	loggedAdd("VPC", wrapInitializeVPC(commonService))
 	loggedAdd("IPAddressAllocation", wrapInitializeIPAddressAllocation(commonService))
+	loggedAdd("DNSRecord", wrapInitializeDNSRecordService(commonService))
 	loggedAdd("Inventory", wrapInitializeInventory(commonService))
 	loggedAdd("LBInfraCleaner", wrapInitializeLBInfraCleaner(commonService))
 	loggedAdd("HealthCleaner", wrapInitializeHealthCleaner(commonService))

pkg/clean/clean_test.go

@@ -14,6 +14,7 @@ import (
 	"github.com/vmware-tanzu/nsx-operator/pkg/config"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/common"
+	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/dns"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/inventory"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/ipaddressallocation"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/nsxserviceaccount"
@@ -187,6 +188,9 @@ func TestInitializeCleanupService_Success(t *testing.T) {
 	patches.ApplyFunc(ipaddressallocation.InitializeIPAddressAllocation, func(service common.Service, vpcService common.VPCServiceProvider, flag bool) (*ipaddressallocation.IPAddressAllocationService, error) {
 		return &ipaddressallocation.IPAddressAllocationService{}, nil
 	})
+	patches.ApplyFunc(dns.InitializeDNSRecordService, func(service common.Service, vpcService common.VPCServiceProvider) (*dns.DNSRecordService, error) {
+		return &dns.DNSRecordService{}, nil
+	})
 	patches.ApplyFunc(subnetbinding.InitializeService, func(service common.Service) (*subnetbinding.BindingService, error) {
 		return &subnetbinding.BindingService{}, nil
 	})
@@ -216,7 +220,7 @@ func TestInitializeCleanupService_Success(t *testing.T) {
 	// vpcPreCleaners: SubnetPort, SubnetBinding, SubnetIPReservation, Inventory, SecurityPolicy, LBInfraCleaner, NSXServiceAccount, HealthCleaner = 8
 	assert.Len(t, cleanupService.vpcPreCleaners, 7)
 	assert.Len(t, cleanupService.vpcChildrenCleaners, 5)
-	assert.Len(t, cleanupService.infraCleaners, 2)
+	assert.Len(t, cleanupService.infraCleaners, 3)
 }
 
 func TestInitializeCleanupService_VPCError(t *testing.T) {
@@ -245,6 +249,9 @@ func TestInitializeCleanupService_VPCError(t *testing.T) {
 	patches.ApplyFunc(ipaddressallocation.InitializeIPAddressAllocation, func(service common.Service, vpcService common.VPCServiceProvider, flag bool) (*ipaddressallocation.IPAddressAllocationService, error) {
 		return &ipaddressallocation.IPAddressAllocationService{}, nil
 	})
+	patches.ApplyFunc(dns.InitializeDNSRecordService, func(service common.Service, vpcService common.VPCServiceProvider) (*dns.DNSRecordService, error) {
+		return &dns.DNSRecordService{}, nil
+	})
 	patches.ApplyFunc(subnetbinding.InitializeService, func(service common.Service) (*subnetbinding.BindingService, error) {
 		return &subnetbinding.BindingService{}, nil
 	})

pkg/mock/dnsrecordprovider/client.go

@@ -0,0 +1,3 @@
+// Package mocks provides MockDNSRecordProvider for dns.DNSRecordProvider.
+// client.go is hand-written: github.com/golang/mock/mockgen@v1.6 cannot parse generic sets.Set in interface methods.
+package mocks

pkg/mock/dnsrecordprovider/doc.go

@@ -0,0 +1,4 @@
+// Package mocks contains a generated mock for projects.DnsRecordsClient.
+//
+//go:generate go run github.com/golang/mock/mockgen@v1.6.0 -destination=client.go -package=mocks github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects DnsRecordsClient
+package mocks