* perf: avoid string concatenation in loops
Apply perfpsrint linter
Signed-off-by: Philippe Antoine <contact@catenacyber.fr>
* ci: enable perfsprint
Signed-off-by: Philippe Antoine <contact@catenacyber.fr>
---------
Signed-off-by: Philippe Antoine <contact@catenacyber.fr>
Enable protogetter in golangci config and update all protobuf field
access to use getter methods instead of direct field access.
Getter methods provide safer nil pointer handling and return
appropriate default values, following protobuf best practices.
Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
Enable intrange linter to enforce modern Go range syntax over
traditional for loops, by converting:
for i := 0; i < n; i++
to:
for i := range n
Adding type conversions where needed for compatibility
with existing uint64 parameters.
Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
Add comprehensive unit test coverage for DNS-over-gRPC and
DNS-over-QUIC server implementations:
- server_grpc_test.go: Tests gRPC server creation, TLS config,
lifecycle methods, Query handling, and response writer
- server_quic_test.go: Tests QUIC server creation, custom limits,
message validation, DOQ message parsing, and writer interface
Tests focus on component-level validation with mocks,
complementing existing integration tests without overlap.
Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
Add comprehensive tests for multiple components including server blocks
inspection, configuration handling, DoH/DoQ writers, and server startup
functions. Increases overall test coverage from 27% to 38.4% with
particular focus on register.go, https.go, quic.go, and config.go.
Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
* introduce new interface "dnsserver.Viewer", that allows a plugin implementing it to decide if a query should be routed into its server block.
* add new plugin "view", that uses the new interface to enable a user to define expression based conditions that must be met for a query to be routed to its server block.
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* Add forwardcrd plugin README.md
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* Create forwardcrd plugin
- Place forwardcrd before forward plugin in plugin list. This will avoid
forward from preventing the forwardcrd plugin from handling any queries
in the case of having a default upstream forwarder in a server block (as
is the case in the default kubernetes Corefile).
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* Add Forward CRD
Signed-off-by: Christian Ang <angc@vmware.com>
* Add NewWithConfig to forward plugin
- allows external packages to instanciate forward plugins
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* ForwardCRD plugin handles requests for Forward CRs
- add a Kubernetes controller that can read Forward CRs
- instances of the forward plugin are created based on Forward CRs from
the Kubernetes controller
- DNS requests are handled by calling matching Forward plugin instances
based on zone name
- Defaults to the kube-system namespace to align with Corefile RBAC
Signed-off-by: Christian Ang <angc@vmware.com>
Use klog v2 in forwardcrd plugin
* Refactor forward setup to use NewWithConfig
Co-authored-by: Christian Ang <angc@vmware.com>
Signed-off-by: Edwin Xie <exie@vmware.com>
* Use ParseInt instead of Atoi
- to ensure that the bitsize is 32 for later casting to uint32
Signed-off-by: Christian Ang <angc@vmware.com>
* Add @christianang to CODEOWNERS for forwardcrd
Signed-off-by: Christian Ang <angc@vmware.com>
Co-authored-by: Edwin Xie <exie@vmware.com>
* Metrics: expand coredns_dns_responses_total with plugin label
This adds (somewhat hacky?) code to add a plugin label to the
coredns_dns_responses_total metric. It's completely obvlious to the
plugin as we just check who called the *recorder.WriteMsg method. We use
runtime.Caller( 1 2 3) to get multiple levels of callers, this should be
deep enough, but it depends on the dns.ResponseWriter wrapping that's
occuring.
README.md of metrics updates and test added in test/metrics_test.go to
check for the label being set.
I went through the plugin to see what metrics could be removed, but
actually didn't find any, the plugin push out metrics that make sense.
Due to the path fiddling to figure out the plugin name I doubt this
works (out-of-the-box) for external plugins, but I haven't tested that.
Signed-off-by: Miek Gieben <miek@miek.nl>
* better comment
Signed-off-by: Miek Gieben <miek@miek.nl>
* Metrics: expand coredns_dns_responses_total with plugin label
This adds (somewhat hacky?) code to add a plugin label to the
coredns_dns_responses_total metric. It's completely obvlious to the
plugin as we just check who called the *recorder.WriteMsg method. We use
runtime.Caller( 1 2 3) to get multiple levels of callers, this should be
deep enough, but it depends on the dns.ResponseWriter wrapping that's
occuring.
README.md of metrics updates and test added in test/metrics_test.go to
check for the label being set.
I went through the plugin to see what metrics could be removed, but
actually didn't find any, the plugin push out metrics that make sense.
Due to the path fiddling to figure out the plugin name I doubt this
works (out-of-the-box) for external plugins, but I haven't tested that.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update core/dnsserver/server.go
Co-authored-by: dilyevsky <ilyevsky@gmail.com>
* Use [3]string
Signed-off-by: Miek Gieben <miek@miek.nl>
* imports
Signed-off-by: Miek Gieben <miek@miek.nl>
* remove dnstest changes
Signed-off-by: Miek Gieben <miek@miek.nl>
* revert
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add some sleeps to make it less flaky
Signed-off-by: Miek Gieben <miek@miek.nl>
* Revert "Add some sleeps to make it less flaky"
This reverts commit b5c6655196.
* Remove forward when not needed
Signed-off-by: Miek Gieben <miek@miek.nl>
* remove newline
Signed-off-by: Miek Gieben <miek@miek.nl>
Co-authored-by: dilyevsky <ilyevsky@gmail.com>
* plugin/header: run go gen and small doc updates
Run go gen to enable the new plugin, this should fix the CI failures.
Small tweaks to the docs.
Signed-off-by: Miek Gieben <miek@miek.nl>
* another typo
Signed-off-by: Miek Gieben <miek@miek.nl>
* gofmt
Signed-off-by: Miek Gieben <miek@miek.nl>
* share plugins among zones in the same server block
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* update caddy dep
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* simp code
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* copy ListenHosts and Debug from first config
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* copy tls configs from first config
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add test to validate debug setting is replicated to all configs in block
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* stop server
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
-p is the default flag in DNS software for setting the port, we use
'dns.port' because of preventing clashes with other caddy software
users. This is no longer an issue, so we can do what we want here.
Add -p to works like -dns.port.
(this PR includes generated manpage, but that shouldn't matter too much)
Signed-off-by: Miek Gieben <miek@miek.nl>
This was found by fuzzing.
We need to make this a fully qualified domain name to catch all errors
in dnsserver/register.go and not later when plugin.Normalize() is called again on these
strings, with the prime difference being that the domain name is fully
qualified. This was found by fuzzing where "ȶ" is deemed OK, but "ȶ." is
not (might be a bug in miekg/dns actually). But here we were checking ȶ,
which is OK, and later we barf in ȶ. leading to "index out of range".
Added a tests and check manually if it would crash with the current code
(yes), and fail with an error in this PR (yes).
Signed-off-by: Miek Gieben <miek@miek.nl>
