Add groupId to DNS records for verification #763

Open
aomkoyo wants to merge 23 commits into Domain-Connect:master from aomkoyo:master

aomkoyo (Contributor) commented Feb 11, 2026

Description

Enables a domain to work with Furimoe

Type of change

Please mark options that are relevant.

  • New template
  • Bug fix (non-breaking change which fixes an issue in the template)
  • New feature (non-breaking change which adds functionality to the template)
  • Breaking change (fix or feature that would cause existing template behavior to be not backward compatible)

How Has This Been Tested?

Please mark the following checks done

  • Schema validated using JSON Schema template.schema
  • Template functionality checked using Online Editor
  • Template is checked using template linter
  • Template file name follows the pattern <providerId>.<serviceId>.json
  • resource URL provided with logoUrl is actually served by a webserver

Checklist of common problems

Mark all the checkboxes after conducting the check. Comment on any point which is not fulfilled.

  • digital signatures are used and syncPubKeyDomain specified (yes, warnPhishing is an option, but some providers reject such templates by policy, so signing shall be a default)
  • syncRedirectDomain is specified when intended to use redirect_uri parameter in the synchronous flow
  • no TXT record with SPF content (i.e. "v=spf1 ...") instead of using SPFM record type on APEX
  • txtConflictMatchingMode is set on TXT records which shall be unique on a label (like DMARC)
  • variables are set to the smallest scope needed (i.e. limit possibility to be misused to set any arbitrary record and conflict with other template). Too broad scope example: @ TXT "%verification%". Better usage: @ TXT "foo-verification=%verification%".
  • no variables as a host name to apply template on subdomain instead of standard host parameter
  • no explicit usage of %host% variable in host attribute
  • essential setting is used on records, which the user shall be able to change or remove manually later without dropping the whole template (like DMARC)

Example variable values

<-- to make review process easier please provide the whole testData object from the Online Editor after testing and using "Add as test" button. Hint: test also with "host" variable set. -->

"testData": {
    "test": {
      "variables": {
        "domain": "furi.moe",
        "host": "furi.moe",
        "group": [
          "subdomain-verification",
          "subdomain",
          "apex"
        ],
        "verifytxt": "c4be57d3-ac64-4a1e-80b3-4d81f047d841",
        "subdomain": "cname",
        "cname": "cname.furi.moe",
        "ip": "192.168.1.1"
      },
      "results": [
        {
          "type": "TXT",
          "name": "_furimoe-challenge.furi.moe",
          "ttl": 60,
          "data": "\"token=c4be57d3-ac64-4a1e-80b3-4d81f047d841\""
        },
        {
          "type": "CNAME",
          "name": "cname.furi.moe",
          "ttl": 600,
          "data": "cname.furi.moe"
        },
        {
          "type": "A",
          "name": "furi.moe",
          "ttl": 600,
          "data": "192.168.1.1"
        }
      ]
    }
  }
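The variable-scope, host and SPF items from the checklist above can be checked mechanically. The following is an added example, not code from this PR or from the Domain Connect linter; it assumes records use the template fields `type`, `host` and `data`, that variables match the `%name%` pattern in the regex, and the function name `audit_records` and the sample records are constructed for illustration.

```python
import re

# Assumption: template variables are written %name% with these characters.
VAR = re.compile(r"%([A-Za-z0-9_-]+)%")

def audit_records(records):
    """Return (record index, finding) pairs for the checklist items on variable scope."""
    findings = []
    for i, rec in enumerate(records):
        host_vars = VAR.findall(rec.get("host", ""))
        if "host" in host_vars:
            findings.append((i, "explicit %host% in host attribute"))
        if any(v != "host" for v in host_vars):
            findings.append((i, "variable used as host name"))
        if rec.get("type", "").upper() != "TXT":
            continue
        data = rec.get("data", "").strip().strip('"')
        if data.lower().startswith("v=spf1"):
            findings.append((i, "SPF content in TXT, use SPFM"))
        # A value that is nothing but one variable lets the caller publish
        # any TXT content, including another service's verification string.
        if VAR.fullmatch(data):
            findings.append((i, "TXT data is a bare variable"))
    return findings

# Constructed records; the first two are the checklist's own "too broad" / "better" pair.
SAMPLE_RECORDS = [
    {"type": "TXT", "host": "@", "data": "%verification%", "ttl": 3600},
    {"type": "TXT", "host": "@", "data": "foo-verification=%verification%", "ttl": 3600},
    {"type": "TXT", "host": "@", "data": "v=spf1 include:example.net ~all", "ttl": 3600},
    {"type": "CNAME", "host": "%sub%", "pointsTo": "target.example.net", "ttl": 600},
    {"type": "A", "host": "%host%", "pointsTo": "192.0.2.10", "ttl": 600},
]

if __name__ == "__main__":
    for idx, finding in audit_records(SAMPLE_RECORDS):
        print(f"record {idx}: {finding}")
```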

@github-actions

Linter OK:

Linter result for furimoe.com.domain-verification.json

kerolasa (Collaborator) left a comment

Looks good to me.

"variableDescription": "Unique verification code provided for purpose of verification",
"syncPubKeyDomain": "keys.furimoe.com",
"syncRedirectDomain": "furimoe.com",
"records": [
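Review bot: the "variableDescription" value on the first line shown documents only the verification code, while the testData in the description passes four variables (verifytxt, subdomain, cname and ip). Suggest describing each variable there, including which record the cname and ip values end up in, so that a DNS provider reviewing the template can see what every caller-supplied value controls.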
Member

If you switch to this model because the verification RR is always on apex, consider setting multiInstance unless it's OK to have it applied only once for a domain and any subdomain.
