HTTPS record `ech=IGNORE` causes a MODIFY every run until ech has a value on the dns side

Open Gunni opened this issue 2 months ago • 1 comments

Describe the bug

When using HTTPS("…", 1, ".", "alpn=h3 … ech=IGNORE"), but ech has not yet been set by the owner, then dnscontrol keeps saying it needs to change it … by adding a space that isn't there every run…

To Reproduce

  1. Create a HTTPS record with ech=IGNORE
    • + CREATE ccccc.example.com HTTPS 1 . alpn="h3" ttl=1
  2. run dnscontrol again
    • ± MODIFY ccccc.example.com HTTPS (1 . alpn="h3" ttl=1) -> (1 . alpn="h3" ttl=1) id=X
  3. Observe changes, every, run…
    • ± MODIFY ccccc.example.com HTTPS (1 . alpn="h3" ttl=1) -> (1 . alpn="h3" ttl=1) id=X

Expected behavior

  1. + CREATE ccccc.example.com HTTPS 1 . alpn="h3" ttl=1
    • observe no double space between value and ttl
  2. re-run
    • observe no change to record

DNS Provider

  • Cloudflare

Additional context

The ECH field needs to be managed by whoever manages the certs (probably the webserver), and making these records before first use means it doesn't have a value.

Note that this issue was missed in testing because ech has a value there…

Gunni, Oct 24 '25 14:10

Hey, @charliez0, could you take a look at this?

If possible, can you add this as a test case to $git/dnscontrol/integrationTest/integration_test.go plz?

CC @tresni

tlimoncelli, Oct 27 '25 15:10