Enforce prober/evaluator boundary in ObservationData

Add CI/CD pipeline
2026-05-15 17:43:27 +08:00 · 2026-05-10 19:00:19 +08:00
3 changed files with 214 additions and 7 deletions
--- a/.drone-manifest.yml
+++ b/.drone-manifest.yml
@ -0,0 +1,22 @@
 image: happydomain/checker-authoritative-consistency:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
 {{#if build.tags}}
 tags:
 {{#each build.tags}}
  - {{this}}
 {{/each}}
 {{/if}}
 manifests:
  - image: happydomain/checker-authoritative-consistency:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
    platform:
      architecture: amd64
      os: linux
  - image: happydomain/checker-authoritative-consistency:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
    platform:
      architecture: arm64
      os: linux
      variant: v8
  - image: happydomain/checker-authoritative-consistency:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
    platform:
      architecture: arm
      os: linux
      variant: v7
--- a/.drone.yml
+++ b/.drone.yml
@ -0,0 +1,187 @@
 ---
 kind: pipeline
 type: docker
 name: build-amd64
 platform:
  os: linux
  arch: amd64
 steps:
  - name: checker build
    image: golang:1-alpine
    commands:
      - apk add --no-cache git make
      - make
    environment:
      CHECKER_VERSION: "${DRONE_BRANCH}-${DRONE_COMMIT}"
      CGO_ENABLED: 0
    when:
      event:
        exclude:
          - tag
  - name: checker build tag
    image: golang:1-alpine
    commands:
      - apk add --no-cache git make
      - make
    environment:
      CHECKER_VERSION: "${DRONE_SEMVER}"
      CGO_ENABLED: 0
    when:
      event:
        - tag
  - name: publish on Docker Hub
    image: plugins/docker
    settings:
      repo: happydomain/checker-authoritative-consistency
      auto_tag: true
      auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH}
      dockerfile: Dockerfile
      build_args:
        - CHECKER_VERSION=${DRONE_BRANCH}-${DRONE_COMMIT}
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password
    when:
      event:
        exclude:
          - tag
  - name: publish on Docker Hub (tag)
    image: plugins/docker
    settings:
      repo: happydomain/checker-authoritative-consistency
      auto_tag: true
      auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH}
      dockerfile: Dockerfile
      build_args:
        - CHECKER_VERSION=${DRONE_SEMVER}
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password
    when:
      event:
        - tag
 trigger:
  branch:
    exclude:
      - renovate/*
  event:
    - cron
    - push
    - tag
 ---
 kind: pipeline
 type: docker
 name: build-arm64
 platform:
  os: linux
  arch: arm64
 steps:
  - name: checker build
    image: golang:1-alpine
    commands:
      - apk add --no-cache git make
      - make
    environment:
      CHECKER_VERSION: "${DRONE_BRANCH}-${DRONE_COMMIT}"
      CGO_ENABLED: 0
    when:
      event:
        exclude:
          - tag
  - name: checker build tag
    image: golang:1-alpine
    commands:
      - apk add --no-cache git make
      - make
    environment:
      CHECKER_VERSION: "${DRONE_SEMVER}"
      CGO_ENABLED: 0
    when:
      event:
        - tag
  - name: publish on Docker Hub
    image: plugins/docker
    settings:
      repo: happydomain/checker-authoritative-consistency
      auto_tag: true
      auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH}
      dockerfile: Dockerfile
      build_args:
        - CHECKER_VERSION=${DRONE_BRANCH}-${DRONE_COMMIT}
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password
    when:
      event:
        exclude:
          - tag
  - name: publish on Docker Hub (tag)
    image: plugins/docker
    settings:
      repo: happydomain/checker-authoritative-consistency
      auto_tag: true
      auto_tag_suffix: ${DRONE_STAGE_OS}-${DRONE_STAGE_ARCH}
      dockerfile: Dockerfile
      build_args:
        - CHECKER_VERSION=${DRONE_SEMVER}
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password
    when:
      event:
        - tag
 trigger:
  event:
    - cron
    - push
    - tag
 ---
 kind: pipeline
 name: docker-manifest
 platform:
  os: linux
  arch: arm64
 steps:
  - name: publish on Docker Hub
    image: plugins/manifest
    settings:
      auto_tag: true
      ignore_missing: true
      spec: .drone-manifest.yml
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password
 trigger:
  branch:
    exclude:
      - renovate/*
  event:
    - cron
    - push
    - tag
 depends_on:
  - build-amd64
  - build-arm64
--- a/checker/types.go
+++ b/checker/types.go
@ -3,6 +3,7 @@ package checker
 import (
 	"encoding/json"
 	"fmt"
 	"slices"
 	"github.com/miekg/dns"
 )
@ -77,11 +78,9 @@ type NSResult struct {
 // Dedupes identical messages and caps the list with a sentinel summary.
 func (n *NSResult) appendError(format string, args ...any) {
 	msg := fmt.Sprintf(format, args...)
-	for _, e := range n.Errors {
+	if slices.Contains(n.Errors, msg) {
 		if e == msg {
 		return
 	}
 	}
 	if len(n.Errors) >= maxNSResultErrors {
 		n.suppressedErrors++
 		sentinel := fmt.Sprintf("(%d more error(s) suppressed)", n.suppressedErrors)
@ -108,7 +107,6 @@ type ObservationData struct {
 	// Union of DeclaredNS and ParentNS, de-duplicated.
 	Probed  []string             `json:"probed,omitempty"`
 	Results map[string]*NSResult `json:"results,omitempty"`
 	Findings []Finding            `json:"findings"`
 }
 // Local mirror of happyDomain's services/abstract.Origin. Duplicated on
Author	SHA1	Message	Date
Pierre-Olivier Mercier	0903357221	Enforce prober/evaluator boundary in ObservationData All checks were successful continuous-integration/drone/push Build is passing Details	2026-05-15 17:43:27 +08:00
Pierre-Olivier Mercier	a0dcac59bd	Add CI/CD pipeline All checks were successful continuous-integration/drone/push Build is passing Details	2026-05-10 19:00:19 +08:00