pulumi up --refresh detects spurious diff for wildcard CNAME

[anentropic]

I have the following directive:

domain = do.Domain(
    "my-domain",
    name=APPS_DOMAIN,
    ip_address=droplet.ipv4_address,  # will also create an A record
)
do.DnsRecord(
    "my-domain-cname-*",
    domain=domain.name,
    type="CNAME",
    name="*.",
    value=f"{APPS_DOMAIN}.",
)

This successfully creates a wildcard CNAME I can see in DO control panel as:

CNAME | *.mydomain.com | is an alias of mydomain.com.

When I run pulumi up --refresh I see:

~   ├─ digitalocean:index:DnsRecord         my-domain-cname-*           updated     [diff: ~name]

If I select details option I see:

  pulumi:pulumi:Stack: (same)
    [urn=urn:pulumi:mystack::myproject::pulumi:pulumi:Stack::myproject-mystack]
    ~ digitalocean:index/dnsRecord:DnsRecord: (update)
        [id=121524987]
        [urn=urn:pulumi:mystack::myproject::digitalocean:index/dnsRecord:DnsRecord::my-domain-cname-*]
        [provider=urn:pulumi:mystack::myproject::pulumi:providers:digitalocean::default_3_0_2::45056d4d-7a06-4baa-98bd-2fec03269898]
      ~ name: "*" => "*."

If I go ahead with the update and check the DO control panel afterwards then nothing has changed (which is good, I think it was fine already)

But if I run pulumi up --refresh again it finds the same diff

I believe this is probably due to asymmetry between GET and POST values of the CNAME name in DigitalOcean API... it seems they strip the trailing . in the GET response:

    {
      "id": 121524987,
      "type": "CNAME",
      "name": "*",
      "data": "@",
      "priority": null,
      "port": null,
      "ttl": 1800,
      "weight": null,
      "flags": null,
      "tag": null
    },

but require it in the POST body when adding the record