6 changed files with 13 additions and 231 deletions
--- a/.drone-manifest.yml
+++ b/.drone-manifest.yml
@ -1,22 +0,0 @@
-image: happydomain/checker-authoritative-consistency:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  - image: happydomain/checker-authoritative-consistency:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
-    platform:
-      architecture: amd64
-      os: linux
-  - image: happydomain/checker-authoritative-consistency:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
-    platform:
-      architecture: arm64
-      os: linux
-      variant: v8
-  - image: happydomain/checker-authoritative-consistency:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7
--- a/.drone.yml
+++ b/.drone.yml
@ -1,187 +0,0 @@
---
-kind: pipeline
-type: docker
-name: build-amd64
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-  - name: checker build
-    image: golang:1-alpine
-    commands:
-      - apk add --no-cache git make
-      - make
-    environment:
-      CHECKER_VERSION: "${DRONE_BRANCH}-${DRONE_COMMIT}"
-      CGO_ENABLED: 0
-    when:
-      event:
-        exclude:
-          - tag
-
-  - name: checker build tag
-    image: golang:1-alpine
-    commands:
-      - apk add --no-cache git make
-      - make
-    environment:
-      CHECKER_VERSION: "${DRONE_SEMVER}"
-      CGO_ENABLED: 0
-    when:
-      event:
-        - tag
-
-  - name: publish on Docker Hub
-    image: plugins/docker
-    settings:
-      repo: happydomain/checker-authoritative-consistency
-      auto_tag: true
-      auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH}
-      dockerfile: Dockerfile
-      build_args:
-        - CHECKER_VERSION=${DRONE_BRANCH}-${DRONE_COMMIT}
-      username:
-        from_secret: docker_username
-      password:
-        from_secret: docker_password
-    when:
-      event:
-        exclude:
-          - tag
-
-  - name: publish on Docker Hub (tag)
-    image: plugins/docker
-    settings:
-      repo: happydomain/checker-authoritative-consistency
-      auto_tag: true
-      auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH}
-      dockerfile: Dockerfile
-      build_args:
-        - CHECKER_VERSION=${DRONE_SEMVER}
-      username:
-        from_secret: docker_username
-      password:
-        from_secret: docker_password
-    when:
-      event:
-        - tag
-
-trigger:
-  branch:
-    exclude:
-      - renovate/*
-  event:
-    - cron
-    - push
-    - tag
-
---
-kind: pipeline
-type: docker
-name: build-arm64
-
-platform:
-  os: linux
-  arch: arm64
-
-steps:
-  - name: checker build
-    image: golang:1-alpine
-    commands:
-      - apk add --no-cache git make
-      - make
-    environment:
-      CHECKER_VERSION: "${DRONE_BRANCH}-${DRONE_COMMIT}"
-      CGO_ENABLED: 0
-    when:
-      event:
-        exclude:
-          - tag
-
-  - name: checker build tag
-    image: golang:1-alpine
-    commands:
-      - apk add --no-cache git make
-      - make
-    environment:
-      CHECKER_VERSION: "${DRONE_SEMVER}"
-      CGO_ENABLED: 0
-    when:
-      event:
-        - tag
-
-  - name: publish on Docker Hub
-    image: plugins/docker
-    settings:
-      repo: happydomain/checker-authoritative-consistency
-      auto_tag: true
-      auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH}
-      dockerfile: Dockerfile
-      build_args:
-        - CHECKER_VERSION=${DRONE_BRANCH}-${DRONE_COMMIT}
-      username:
-        from_secret: docker_username
-      password:
-        from_secret: docker_password
-    when:
-      event:
-        exclude:
-          - tag
-
-  - name: publish on Docker Hub (tag)
-    image: plugins/docker
-    settings:
-      repo: happydomain/checker-authoritative-consistency
-      auto_tag: true
-      auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH}
-      dockerfile: Dockerfile
-      build_args:
-        - CHECKER_VERSION=${DRONE_SEMVER}
-      username:
-        from_secret: docker_username
-      password:
-        from_secret: docker_password
-    when:
-      event:
-        - tag
-
-trigger:
-  event:
-    - cron
-    - push
-    - tag
-
---
-kind: pipeline
-name: docker-manifest
-
-platform:
-  os: linux
-  arch: arm64
-
-steps:
-  - name: publish on Docker Hub
-    image: plugins/manifest
-    settings:
-      auto_tag: true
-      ignore_missing: true
-      spec: .drone-manifest.yml
-      username:
-        from_secret: docker_username
-      password:
-        from_secret: docker_password
-
-trigger:
-  branch:
-    exclude:
-      - renovate/*
-  event:
-    - cron
-    - push
-    - tag
-
-depends_on:
-  - build-amd64
-  - build-arm64
--- a/checker/collect.go
+++ b/checker/collect.go
@ -32,7 +32,7 @@ func (p *authoritativeConsistencyProvider) Collect(ctx context.Context, opts sdk
 	data := &ObservationData{
 		Zone:       dns.Fqdn(zone),
 		HasSOA:     svc.SOA != nil,
-		DeclaredNS: normalizeNSList(svc.NameServers, zone),
+		DeclaredNS: normalizeNSList(svc.NameServers),
 		Results:    map[string]*NSResult{},
 	}
 	if svc.SOA != nil {
@ -167,17 +167,13 @@ func loadZone(opts sdk.CheckerOptions, svc *originService) (string, error) {
 	return "", fmt.Errorf("no zone name provided (missing 'domain_name' option and SOA header)")
 }

-func normalizeNSList(ns []*dns.NS, origin string) []string {
+func normalizeNSList(ns []*dns.NS) []string {
 	out := make([]string, 0, len(ns))
 	for _, n := range ns {
 		if n == nil {
 			continue
 		}
-		name := n.Ns
-		if !strings.HasSuffix(name, ".") {
-			name = sdk.JoinRelative(name, strings.TrimSuffix(origin, "."))
-		}
-		out = append(out, strings.ToLower(dns.Fqdn(name)))
+		out = append(out, strings.ToLower(dns.Fqdn(n.Ns)))
 	}
 	sort.Strings(out)
 	return out
--- a/checker/collect_test.go
+++ b/checker/collect_test.go
@ -80,15 +80,13 @@ func TestDiffStringSets_Equal(t *testing.T) {
 }

 func TestNormalizeNSList(t *testing.T) {
-	// Relative labels (no trailing dot) are joined with the zone origin.
-	// Absolute FQDNs (trailing dot) are kept as-is.
 	in := []*dns.NS{
-		{Ns: "ns2"},
+		{Ns: "NS2.Example.COM"},
 		nil,
 		{Ns: "ns1.example.com."},
-		{Ns: "ns1"},
+		{Ns: "NS1.example.com"},
 	}
-	got := normalizeNSList(in, "example.com.")
+	got := normalizeNSList(in)
 	want := []string{"ns1.example.com.", "ns1.example.com.", "ns2.example.com."}
 	if !reflect.DeepEqual(got, want) {
 		t.Errorf("got %v, want %v", got, want)
--- a/checker/definition.go
+++ b/checker/definition.go
@ -110,11 +110,6 @@ func (p *authoritativeConsistencyProvider) Definition() *sdk.CheckerDefinition {
 					Label:    "Origin service",
 					AutoFill: sdk.AutoFillService,
 				},
-				{
-					Id:       "domain_name",
-					Label:    "Zone name",
-					AutoFill: sdk.AutoFillDomainName,
-				},
 			},
 		},
 		Rules: Rules(),
--- a/checker/types.go
+++ b/checker/types.go
@ -3,7 +3,6 @@ package checker
 import (
 	"encoding/json"
 	"fmt"
-	"slices"

 	"github.com/miekg/dns"
 )
@ -78,9 +77,11 @@ type NSResult struct {
 // Dedupes identical messages and caps the list with a sentinel summary.
 func (n *NSResult) appendError(format string, args ...any) {
 	msg := fmt.Sprintf(format, args...)
-	if slices.Contains(n.Errors, msg) {
+	for _, e := range n.Errors {
+		if e == msg {
 			return
 		}
+	}
 	if len(n.Errors) >= maxNSResultErrors {
 		n.suppressedErrors++
 		sentinel := fmt.Sprintf("(%d more error(s) suppressed)", n.suppressedErrors)
@ -107,6 +108,7 @@ type ObservationData struct {
 	// Union of DeclaredNS and ParentNS, de-duplicated.
 	Probed   []string             `json:"probed,omitempty"`
 	Results  map[string]*NSResult `json:"results,omitempty"`
+	Findings []Finding            `json:"findings"`
 }

 // Local mirror of happyDomain's services/abstract.Origin. Duplicated on