Initial commit
This commit is contained in:
commit
a6dbcef0f9
26 changed files with 2993 additions and 0 deletions
61
checker/rules_probe.go
Normal file
61
checker/rules_probe.go
Normal file
|
|
@ -0,0 +1,61 @@
|
|||
package checker
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
sdk "git.happydns.org/checker-sdk-go/checker"
|
||||
)
|
||||
|
||||
// probeAvailableRule reports whether the downstream TLS checker has probed
|
||||
// every endpoint we published. Absent probes are common immediately after a
|
||||
// new TLSA record is published and should not flap the service red.
|
||||
type probeAvailableRule struct{}
|
||||
|
||||
func (r *probeAvailableRule) Name() string { return "dane.probe_available" }
|
||||
func (r *probeAvailableRule) Description() string {
|
||||
return "Verifies a TLS probe is available for every DANE endpoint so the chain can be compared to TLSA records."
|
||||
}
|
||||
|
||||
func (r *probeAvailableRule) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) []sdk.CheckState {
|
||||
rc := loadRuleContext(ctx, obs)
|
||||
if rc.err != nil {
|
||||
return []sdk.CheckState{observationErrorState(rc.err)}
|
||||
}
|
||||
if rc.relatedErr != nil {
|
||||
return []sdk.CheckState{{
|
||||
Status: sdk.StatusError,
|
||||
Code: "dane_observation_warning",
|
||||
Message: rc.relatedErr.Error(),
|
||||
}}
|
||||
}
|
||||
if len(rc.data.Targets) == 0 {
|
||||
return []sdk.CheckState{{
|
||||
Status: sdk.StatusUnknown,
|
||||
Code: "dane_probe_available_skipped",
|
||||
Message: "No DANE endpoints to probe.",
|
||||
}}
|
||||
}
|
||||
out := make([]sdk.CheckState, 0, len(rc.data.Targets))
|
||||
for _, t := range rc.data.Targets {
|
||||
subj := targetSubject(t)
|
||||
meta := targetMeta(t)
|
||||
if rc.probes[t.Ref] == nil {
|
||||
out = append(out, sdk.CheckState{
|
||||
Status: sdk.StatusUnknown,
|
||||
Code: "dane_no_probe",
|
||||
Subject: subj,
|
||||
Message: "No TLS probe available yet for this endpoint; re-evaluate after the next checker-tls cycle.",
|
||||
Meta: meta,
|
||||
})
|
||||
continue
|
||||
}
|
||||
out = append(out, sdk.CheckState{
|
||||
Status: sdk.StatusOK,
|
||||
Code: "dane_probe_available_ok",
|
||||
Subject: subj,
|
||||
Message: "TLS probe available for this endpoint.",
|
||||
Meta: meta,
|
||||
})
|
||||
}
|
||||
return out
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue