fix(source): skip pod DNS when PodIP is empty for IP-derived records

[isumitsolanki]

What does it do ?

Skips pod-source endpoint generation whenever the record would be built from pod.Status.PodIP but that value is still empty (e.g. pod is Pending). This applies to internal hostname annotation, --pod-source-domain without explicit targets, and kops-dns-controller internal hostname. It avoids SuitableType("") producing a CNAME with an empty target; skips are logged at debug, consistent with hostsFromTemplate. Adds three TestPodSource table cases for pending pods with empty PodIP.

Motivation

Fixes #6375 — empty-target CNAMEs could block later A records at the same name (e.g. Azure Private DNS CNAME naming restriction).

More

• Yes, this PR title follows Conventional Commits
• Yes, I added unit tests
• Yes, I updated end user documentation accordingly

[k8s-ci-robot]

Welcome @isumitsolanki!

It looks like this is your first PR to kubernetes-sigs/external-dns 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/external-dns has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[k8s-ci-robot]

Hi @isumitsolanki. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[ivankatliarchuk]

/ok-to-test

[coveralls]

Coverage Report for CI Build 25158358874

Coverage increased (+0.005%) to 80.491%

Details

• Coverage increased (+0.005%) from the base build.
• Patch coverage: No coverable lines changed in this PR.
• 3 coverage regressions across 2 files.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

3 previously-covered lines in 2 files lost coverage.

File	Lines Losing Coverage	Coverage
pod.go	2	97.33%
openshift_route.go	1	82.93%

---

Coverage Stats

Relevant Lines:	21405
Covered Lines:	17229
Line Coverage:	80.49%
Coverage Strength:	1465.09 hits per line

---

💛 - Coveralls

[ivankatliarchuk]

The same pattern appears four times in pod.go — identical log message, identical condition

something like

 // addInternalHostnameAnnotationEndpoints
  if len(targets) == 0 && pod.Status.PodIP == "" {
      log.Debugf("skipping pod %q. PodIP is empty with phase %q", pod.Name, pod.Status.Phase)
      return
  }

  // addKopsDNSControllerEndpoints
  if pod.Status.PodIP == "" {
      log.Debugf("skipping pod %q. PodIP is empty with phase %q", pod.Name, pod.Status.Phase)
  }

  // addPodSourceDomainEndpoints
  if pod.Status.PodIP == "" {
      log.Debugf("skipping pod %q. PodIP is empty with phase %q", pod.Name, pod.Status.Phase)
  }

  // hostsFromTemplate (pre-existing)
  if address.IP == "" {
      log.Debugf("skipping pod %q. PodIP is empty with phase %q", pod.Name, pod.Status.Phase)
  }

A small helper could eliminate the repetition and have a common method

// returns false and logs if PodIP is empty
  func podIPReady(pod *v1.Pod) bool {
      if pod.Status.PodIP == "" {
          log.Debugf("skipping pod %q. PodIP is empty with phase %q", pod.Name, pod.Status.Phase)
          return false
      }
      return true
  }

Then the call sites become a single line each - e.g. if !podIPReady(pod) { return }

[ivankatliarchuk]

Actually after review, a more robust fix would be a single check at the top of addPodEndpointsToEndpointMap

  func (ps *podSource) addPodEndpointsToEndpointMap(endpointMap map[endpoint.EndpointKey][]string, pod *v1.Pod) {
      if ps.ignoreNonHostNetworkPods && !pod.Spec.HostNetwork {
          log.Debugf("skipping pod %s. hostNetwork=false", pod.Name)
          return
      }
      if pod.Status.Phase != v1.PodRunning {
          log.Debugf("skipping pod %q. phase is %q", pod.Name, pod.Status.Phase)
          return
      }
      // ...
  }

This would cover all paths — current and future - with one guard instead of per-function checks. The trade-off is that it also skips Succeeded/Failed pods with explicit targets annotations (which currently still produce records), but that's arguably correct behavior anyway — a terminated pod shouldn't own DNS records.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from ivankatliarchuk. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment