I don’t think it counts as one, I was thinking that needs the governance contract to either recursively call itself or call an external unrelated contract
Correct, the Beanstalk thing was not a reentrancy attack. That was a governance attack on the world's most insecure DAO. The Rari Capital exploit was a reentrancy attack.
https://twitter.com/BTCTN/status/1520425720631156736?s=20&t=...