Initial commit
This commit is contained in:
commit
257c7e494f
21 changed files with 1891 additions and 0 deletions
78
checker/rule.go
Normal file
78
checker/rule.go
Normal file
|
|
@ -0,0 +1,78 @@
|
|||
// SPDX-License-Identifier: MIT
|
||||
|
||||
package checker
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"sort"
|
||||
"strings"
|
||||
|
||||
sdk "git.happydns.org/checker-sdk-go/checker"
|
||||
)
|
||||
|
||||
// Rules returns the full rule set evaluated against a DNSVizData observation.
|
||||
//
|
||||
// Each rule maps to a single concern so the UI can show a clean checklist.
|
||||
// Most rules iterate over zones in the chain and emit one CheckState per
|
||||
// zone — Subject is the zone FQDN — so a fault at the TLD never gets
|
||||
// silently merged with a fault at the leaf.
|
||||
func Rules() []sdk.CheckRule {
|
||||
return []sdk.CheckRule{
|
||||
&overallStatusRule{},
|
||||
&perZoneStatusRule{},
|
||||
&zoneErrorsRule{},
|
||||
&zoneWarningsRule{},
|
||||
&commonFailuresRule{},
|
||||
}
|
||||
}
|
||||
|
||||
func loadData(ctx context.Context, obs sdk.ObservationGetter, code string) (*DNSVizData, []sdk.CheckState) {
|
||||
var data DNSVizData
|
||||
if err := obs.Get(ctx, ObservationKeyDNSViz, &data); err != nil {
|
||||
return nil, []sdk.CheckState{{
|
||||
Status: sdk.StatusError,
|
||||
Code: code,
|
||||
Message: fmt.Sprintf("Failed to load DNSViz observation: %v", err),
|
||||
}}
|
||||
}
|
||||
return &data, nil
|
||||
}
|
||||
|
||||
// orderedZones returns zone keys in the report-friendly order (queried name
|
||||
// first, root last), preferring DNSVizData.Order when populated.
|
||||
func orderedZones(data *DNSVizData) []string {
|
||||
if len(data.Order) > 0 {
|
||||
return data.Order
|
||||
}
|
||||
keys := make([]string, 0, len(data.Zones))
|
||||
for k := range data.Zones {
|
||||
keys = append(keys, k)
|
||||
}
|
||||
sort.Slice(keys, func(i, j int) bool {
|
||||
return labelDepth(keys[i]) > labelDepth(keys[j])
|
||||
})
|
||||
return keys
|
||||
}
|
||||
|
||||
// statusFromGrok turns a DNSViz status string into our SDK Status.
|
||||
func statusFromGrok(s string) sdk.Status {
|
||||
switch strings.ToUpper(strings.TrimSpace(s)) {
|
||||
case "SECURE":
|
||||
return sdk.StatusOK
|
||||
case "INSECURE":
|
||||
// "INSECURE" means "no DNSSEC and no parent DS" — informational, not
|
||||
// a failure. Rules elsewhere can still flag a missing chain.
|
||||
return sdk.StatusInfo
|
||||
case "BOGUS":
|
||||
return sdk.StatusCrit
|
||||
case "INDETERMINATE":
|
||||
return sdk.StatusWarn
|
||||
case "NON_EXISTENT":
|
||||
return sdk.StatusInfo
|
||||
case "":
|
||||
return sdk.StatusUnknown
|
||||
default:
|
||||
return sdk.StatusUnknown
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue