feat: publish tls.endpoint.v1 discovery entry to enable GetRelated

2026-05-15 18:44:21 +08:00 · 2026-05-15 18:44:21 +08:00 · c6400c7773
commit c6400c7773
parent 97b2545e2d
4 changed files with 34 additions and 16 deletions
--- a/checker/discover.go
+++ b/checker/discover.go
@ -0,0 +1,26 @@
+package checker
+
+import (
+	sdk "git.happydns.org/checker-sdk-go/checker"
+	tlscontract "git.happydns.org/checker-tls/contract"
+)
+
+// DiscoverEntries publishes one tls.endpoint.v1 entry for the domain's HTTPS
+// endpoint so checker-tls probes it. Implements sdk.DiscoveryPublisher.
+// On the next checker-tls run the engine will store a DiscoveryObservationRef
+// linking its snapshot back to this checker; GetRelated("tls_probes") in the
+// rule will then return the observed certificates.
+func (p *caaProvider) DiscoverEntries(data any) ([]sdk.DiscoveryEntry, error) {
+	d, ok := data.(*CAAData)
+	if !ok || d == nil || d.Domain == "" {
+		return nil, nil
+	}
+	entry, err := tlscontract.NewEntry(tlscontract.TLSEndpoint{
+		Host: d.Domain,
+		Port: 443,
+	})
+	if err != nil {
+		return nil, err
+	}
+	return []sdk.DiscoveryEntry{entry}, nil
+}