Handling multiple Istio virtualservices with wildcard hostname in gateway

[benbouillet]

What would you like to be added:

We'd like external-dns to be able to manage DNS record for multiple Istio virtualservices behind an Istio gateway with a wildcard hostname configuration.
As of now, if the hostname configuration is delegated to the virtualservices (ie. the Gateway is configured with a wildcard hostname, and virtualservices manages multiple paths on one hostname) , external-dns will loop over the virtualservice and endlessly try to update the DNS records

Why is this needed:
SRE team here, we'd like to avoid managing the DNS records for each new API/app release, so the gateway is configured this way:

...
spec:
  selector:
    app: gateway-api
  servers:
  - hosts:
    - '*'
    port:
      name: https
      number: 443
      protocol: HTTPS
...

The associated virtualservice are configured this way:

% k get virtualservice -A
NAMESPACE   NAME                        GATEWAYS                    HOSTS                                                                  AGE
apps        service1                    ["gateway-api"]             ["api.ourdomain.com"]                                          80d
apps        service2                    ["gateway-api"]             ["api.ourdomain.com"]                                          80d
apps        service3                    ["gateway-api"]             ["api.ourdomain.com"]                                          80d

...
spec:
  gateways:
  - gateway-api
  hosts:
  - api.ourdomain.com
...
    match:
    - uri:
        prefix: /service1/
    rewrite:
      uri: /
    route:
    - destination:
        host: service1-http
...

As hosts are defined at the virtualservice level (and as "*" at the gateway level), we configured the sources as following in the external-dns helm chart:

  sources:
  - istio-virtualservice
  - ingress

When deploying external-dns, looping on each virtualservice, each virtualservice wants to manage the DNS entry and rewrite the previous one:

time="2024-06-18T09:44:04Z" level=info msg="Del records: api.domain.com. TXT [\"heritage=external-dns,external-dns/owner=external-dns-staging,external-dns/resource=virtualservice/apps/service1\"] 300"
time="2024-06-18T09:44:04Z" level=info msg="Del records: a-api.domain.com. TXT [\"heritage=external-dns,external-dns/owner=external-dns-staging,external-dns/resource=virtualservice/apps/service1\"] 300"
time="2024-06-18T09:44:04Z" level=info msg="Add records: api.domain.com. A [<REDACTED_IP>] 300"
time="2024-06-18T09:44:04Z" level=info msg="Add records: a-api.domain.com. TXT [\"heritage=external-dns,external-dns/owner=external-dns-staging,external-dns/resource=virtualservice/apps/service2\"] 300"
time="2024-06-18T09:44:04Z" level=info msg="Add records: api.domain.com. TXT [\"heritage=external-dns,external-dns/owner=external-dns-staging,external-dns/resource=virtualservice/apps/service2\"] 300"

Note: some details were redacted for IP reasons (eg. service names, FQDNs & IP addresses)