checker: enforce prober-as-observation, move all analysis to rules layer

2026-05-15 17:05:53 +08:00 · 2026-05-15 17:05:53 +08:00 · f77895dcab
commit f77895dcab
parent 1e6254c289
12 changed files with 174 additions and 171 deletions
--- a/checker/rules_reachability.go
+++ b/checker/rules_reachability.go
@ -49,10 +49,10 @@ func (r *reachabilityRule) Evaluate(ctx context.Context, obs sdk.ObservationGett
 	}
 	var states []sdk.CheckState
 	for _, ep := range data.Endpoints {
-		if ep.TCPConnected {
+		if ep.Stage != "dial" {
 			continue
 		}
-		msg := "Cannot open TCP connection to " + ep.Address
+		msg := "Cannot open TCP connection to " + ep.Addr()
 		if ep.Error != "" {
 			msg += ": " + ep.Error
 		}
@ -60,7 +60,7 @@ func (r *reachabilityRule) Evaluate(ctx context.Context, obs sdk.ObservationGett
 			Status:  sdk.StatusCrit,
 			Message: msg,
 			Code:    "tcp_unreachable",
-			Subject: ep.Address,
+			Subject: ep.Addr(),
 			Meta: map[string]any{
 				"fix": "Check DNS, firewall (allow tcp/" + strconv.Itoa(int(ep.Port)) + " from the internet), and that sshd is running.",
 			},
@ -92,7 +92,7 @@ func (r *handshakeRule) Evaluate(ctx context.Context, obs sdk.ObservationGetter,
 	}
 	var states []sdk.CheckState
 	for _, ep := range data.Endpoints {
-		if !ep.TCPConnected {
+		if ep.Stage == "dial" {
 			continue
 		}
 		switch ep.Stage {
@ -100,29 +100,29 @@ func (r *handshakeRule) Evaluate(ctx context.Context, obs sdk.ObservationGetter,
 			states = append(states, sdk.CheckState{
 				Status:  sdk.StatusCrit,
 				Code:    "no_ssh_banner",
-				Subject: ep.Address,
-				Message: fmt.Sprintf("Server on %s did not send an SSH-2.0 banner: %s", ep.Address, ep.Error),
+				Subject: ep.Addr(),
+				Message: fmt.Sprintf("Server on %s did not send an SSH-2.0 banner: %s", ep.Addr(), ep.Error),
 				Meta:    map[string]any{"fix": "Check that an SSH daemon (not HTTP, mail, ...) listens on this port."},
 			})
 		case "banner_write":
 			states = append(states, sdk.CheckState{
 				Status:  sdk.StatusCrit,
 				Code:    "banner_write_failed",
-				Subject: ep.Address,
+				Subject: ep.Addr(),
 				Message: "Failed to send our client banner: " + ep.Error,
 			})
 		case "kexinit_read":
 			states = append(states, sdk.CheckState{
 				Status:  sdk.StatusCrit,
 				Code:    "kexinit_read_failed",
-				Subject: ep.Address,
+				Subject: ep.Addr(),
 				Message: "Server did not send KEXINIT after banner: " + ep.Error,
 			})
 		case "kexinit_parse":
 			states = append(states, sdk.CheckState{
 				Status:  sdk.StatusCrit,
 				Code:    "kexinit_parse_failed",
-				Subject: ep.Address,
+				Subject: ep.Addr(),
 				Message: "Malformed KEXINIT packet: " + ep.Error,
 			})
 		}