A ping result depends only on the set of target addresses and the probe
count, never on which domain or service the addresses belong to. Implement
sdk.ObservationSharer so the host can collect a single ICMP probe per address
set (per user) instead of re-pinging once per record: with 1.2.3.4 present in
many domains under several A records, the same address was probed dozens of
times for identical data.
The share key sorts the resolved addresses and folds in the probe count;
evaluation thresholds (warningRTT, ...) are intentionally excluded as they
only affect how the shared observation is judged. Unresolvable inputs yield
an empty key so the host falls back to per-target caching.
The 100ms default warning collided with ordinary cross-region internet
latency (e.g. transatlantic RTTs of ~100ms), causing spurious warnings
on healthy long-haul targets. Bump the default warning to 200ms and
factor the warning/critical defaults into package constants so the two
call sites can no longer drift.
The binary doubles as its own healthcheck client via the SDK's
-healthcheck flag, so the probe works in the scratch image
(no shell, no curl, no wget).
Add the AGPL LICENSE file and a deployment-security note in the README
to clarify that the unauthenticated /collect endpoint must run on a
trusted network.
Fix the IPv6 reachability rule so it consults the IP actually probed:
PingTargetResult now carries ResolvedIP populated from pinger.IPAddr(),
which lets the rule classify hostname targets correctly instead of
always reporting "No IPv6 target pinged".
Tighten error handling: ipsFromService now propagates JSON errors,
ExtractMetrics wraps decode failures, the count option returns an
explicit error when out of range instead of silently clamping, and the
"all pings failed" message no longer concatenates every per-target
error. Threshold validation is factored into validateThresholdPair and
shared between the RTT and packet-loss rules.
Add unit tests covering address resolution, threshold validation, and
each rule's evaluation paths.
The SDK split the HTTP server scaffolding into the new
checker-sdk-go/checker/server subpackage. Update main.go to import
server and call server.New, and isolate the interactive form code
behind the standalone build tag so plugin/builtin builds skip
net/http entirely.
Follow the checker-sdk-go interface consolidation: reporter methods
now take sdk.ReportContext and read the payload via ctx.Data() instead
of the raw json.RawMessage parameter. Backed by the same underlying
logic.
