Dockerfile

@@ -12,6 +12,4 @@ FROM scratch
 COPY --from=builder /checker-delegation /checker-delegation
 USER 65534:65534
 EXPOSE 8080
-HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
-  CMD ["/checker-delegation", "-healthcheck"]
 ENTRYPOINT ["/checker-delegation"]

README.md

@@ -65,7 +65,7 @@ DNS queries to whatever name servers (and glue addresses) the parent
 zone advertises for the target. It is meant to run on a trusted network,
 reachable only by the happyDomain instance that drives it. Restrict
 access via a reverse proxy with authentication, a network ACL, or by
-binding the listener to a private interface; do not expose it directly
+binding the listener to a private interface — do not expose it directly
 to the public internet.
 
 ## Options

checker/dns.go

@@ -248,3 +248,4 @@ func dsEqual(a, b *dns.DS) bool {
 		a.DigestType == b.DigestType &&
 		strings.EqualFold(a.Digest, b.Digest)
 }
+

checker/rule.go

@@ -248,13 +248,6 @@ func (r *inBailiwickGlueRule) Evaluate(ctx context.Context, obs sdk.ObservationG
 	if errState != nil {
 		return errState
 	}
-	if len(data.ParentViews) == 0 {
-		return []sdk.CheckState{{
-			Status:  sdk.StatusUnknown,
-			Code:    "delegation_missing_glue",
-			Message: "no parent server was queried",
-		}}
-	}
 	var out []sdk.CheckState
 	for _, v := range data.ParentViews {
 		if v.UDPNSError != "" {
@@ -282,13 +275,8 @@ func (r *inBailiwickGlueRule) Evaluate(ctx context.Context, obs sdk.ObservationG
 			}
 		}
 	}
-	if len(out) == 0 {
+	// No in-bailiwick NS means glue is not mandatory; stay silent rather
-		return []sdk.CheckState{{
+	// than advertising a check that doesn't apply.
-			Status:  sdk.StatusOK,
-			Code:    "delegation_missing_glue",
-			Message: "no in-bailiwick NS, glue not required",
-		}}
-	}
 	return out
 }
 

go.mod

@@ -3,7 +3,7 @@ module git.happydns.org/checker-delegation
 go 1.25.0
 
 require (
-	git.happydns.org/checker-sdk-go v1.5.0
+	git.happydns.org/checker-sdk-go v1.4.0
 	github.com/miekg/dns v1.1.72
 )
 

go.sum

@@ -1,5 +1,5 @@
-git.happydns.org/checker-sdk-go v1.5.0 h1:5uD5Cm6xJ+lwnhbJ09iCXGHbYS9zRh+Yh0NeBHkAPBY=
+git.happydns.org/checker-sdk-go v1.4.0 h1:sO8EnF3suhNgYLRsbmCZWJOymH/oNMrOUqj3FEzJArs=
-git.happydns.org/checker-sdk-go v1.5.0/go.mod h1:aNAcfYFfbhvH9kJhE0Njp5GX0dQbxdRB0rJ0KvSC5nI=
+git.happydns.org/checker-sdk-go v1.4.0/go.mod h1:aNAcfYFfbhvH9kJhE0Njp5GX0dQbxdRB0rJ0KvSC5nI=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/miekg/dns v1.1.72 h1:vhmr+TF2A3tuoGNkLDFK9zi36F2LS+hKTRW0Uf8kbzI=