78 lines
2 KiB
Go
78 lines
2 KiB
Go
// SPDX-License-Identifier: MIT
|
|
|
|
package checker
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"sort"
|
|
"strings"
|
|
|
|
sdk "git.happydns.org/checker-sdk-go/checker"
|
|
)
|
|
|
|
// Rules returns the full rule set evaluated against a DNSVizData observation.
|
|
//
|
|
// Each rule maps to a single concern so the UI can show a clean checklist.
|
|
// Most rules iterate over zones in the chain and emit one CheckState per
|
|
// zone — Subject is the zone FQDN — so a fault at the TLD never gets
|
|
// silently merged with a fault at the leaf.
|
|
func Rules() []sdk.CheckRule {
|
|
return []sdk.CheckRule{
|
|
&overallStatusRule{},
|
|
&perZoneStatusRule{},
|
|
&zoneErrorsRule{},
|
|
&zoneWarningsRule{},
|
|
&commonFailuresRule{},
|
|
}
|
|
}
|
|
|
|
func loadData(ctx context.Context, obs sdk.ObservationGetter, code string) (*DNSVizData, []sdk.CheckState) {
|
|
var data DNSVizData
|
|
if err := obs.Get(ctx, ObservationKeyDNSViz, &data); err != nil {
|
|
return nil, []sdk.CheckState{{
|
|
Status: sdk.StatusError,
|
|
Code: code,
|
|
Message: fmt.Sprintf("Failed to load DNSViz observation: %v", err),
|
|
}}
|
|
}
|
|
return &data, nil
|
|
}
|
|
|
|
// orderedZones returns zone keys in the report-friendly order (queried name
|
|
// first, root last), preferring DNSVizData.Order when populated.
|
|
func orderedZones(data *DNSVizData) []string {
|
|
if len(data.Order) > 0 {
|
|
return data.Order
|
|
}
|
|
keys := make([]string, 0, len(data.Zones))
|
|
for k := range data.Zones {
|
|
keys = append(keys, k)
|
|
}
|
|
sort.Slice(keys, func(i, j int) bool {
|
|
return labelDepth(keys[i]) > labelDepth(keys[j])
|
|
})
|
|
return keys
|
|
}
|
|
|
|
// statusFromGrok turns a DNSViz status string into our SDK Status.
|
|
func statusFromGrok(s string) sdk.Status {
|
|
switch strings.ToUpper(strings.TrimSpace(s)) {
|
|
case "SECURE":
|
|
return sdk.StatusOK
|
|
case "INSECURE":
|
|
// "INSECURE" means "no DNSSEC and no parent DS" — informational, not
|
|
// a failure. Rules elsewhere can still flag a missing chain.
|
|
return sdk.StatusInfo
|
|
case "BOGUS":
|
|
return sdk.StatusCrit
|
|
case "INDETERMINATE":
|
|
return sdk.StatusWarn
|
|
case "NON_EXISTENT":
|
|
return sdk.StatusInfo
|
|
case "":
|
|
return sdk.StatusUnknown
|
|
default:
|
|
return sdk.StatusUnknown
|
|
}
|
|
}
|