* fix SOA response for non-apex queries
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* handle mixed case
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* do full string compare
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* plugin/rewrite: streamline the ResponseRule handling.
The functionality of a response rule is now completely encapsulated behind
a `ResponseRule` interface. This significantly simplifies the complete
processing flow, it enables more flexible response handling and it is possible
to eliminate lots of state flags, ifs and switches.
Based on the new flexibility the pull request also enables to support a
response name rewrite for all name rewrite types.
To be compatible, an explicit `answer auto` option is added to support
a best effort response rewrite (name and value).
Additionally now all name rewrite rules support additional name and value
reponse rewrite options.
Using this feature it is also possible now to rewrite a complete sub domain
hierarchy to a single domain name combined with a correct rewrite (#2389).
Signed-off-by: Uwe Krueger <uwe.krueger@sap.com>
* revert policy
Signed-off-by: Uwe Krueger <uwe.krueger@sap.com>
Co-authored-by: Miek Gieben <miek@miek.nl>
As commit push holds write access of GITHUB_TOKEN, we may
want to limit the scope of third-party test run.
This PR disable CodeCov on commit push. Pull request is still
ok.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
As dependabot has been failing for some time,
this PR manually updates all dependencies when possible.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* plugin/dnssec: use entire RRset as key input
This uses the entire rrset as input for the hash key; this is to detect
differences in the RRset and generate the correct signature.
As this would then lead to unbounded growth, we periodically (every 8h)
prune the cache of old entries. In theory we could rely on the random
eviction, but it seems nicer to do this in a maintannce loop so that we
remove the unused ones. This required adding a Walk function to the
plugin/pkg/cache.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/dnssec/cache.go
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* plugin/bind: exclude interface or ip address
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* fix README.md
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* Apply suggestions, Fix test
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* Apply suggestions, move errs to setup
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
To combat label cardinality explosions remove the type from metrics.
This was most severe in the histogram for request duration, remove it
there.
It's also highlighted difference between grpc and forward code, where
forward did use type and grpc didn't; getting rid of all that "fixes"
that discrepancy
Move monitor.go back into the vars directory and make it private again.
Also name it slightly better
Fixes: #4507
Signed-off-by: Miek Gieben <miek@miek.nl>
When the interface doesn't exist you get:
plugin/bind: not a valid IP address: eth0
Fix the wording that this can also be interface name. Also %q the
argument in the error mesg.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Discard link-local addresses on binding
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* Update plugin/bind: README.md
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* Except for IPv6 link-local only
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
This moves all workflows that commit to a schedule, so that it _doesn't_
push into peoples PRs as that enlarges them and is just non-obvious.
They run throughout the week.
Also change the "user" we use for this, so that DCO believes it a real
email address (DCO is pretty stupid here). Update the authors target to
filter out this bot as well.
Signed-off-by: Miek Gieben <miek@miek.nl>
* auto make -f Makefile.doc
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* Bind by interface name
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* README.md: Interface with multiple address
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* auto make -f Makefile.doc
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* auto make -f Makefile.doc
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* Elaborate more on the behaviour in README.md, revert man/*, fix tests
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* auto make -f Makefile.doc
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* --sign-off
Revert man/* to fix DCO check
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
* auto make -f Makefile.doc
* Revert man/* to fix DCO check
Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>
Co-authored-by: coredns-auto-go-mod-tidy[bot] <coredns-auto-go-mod-tidy[bot]@users.noreply.github.com>
This doesn't do much, but at least it doesn't litter PRs with non-signed
commits. This should keep the DCO clean(er)
Signed-off-by: Miek Gieben <miek@miek.nl>
So there is (and will always) be a disconnect between latest Go in the
workflow and the actual latest Go used by other utils. Faillint move to
go 1.16 features and for some reason this now borkes.
Add ||true to allow failling to not compile, this will skip that
particular test (so be it)
Signed-off-by: Miek Gieben <miek@miek.nl>
* transfer: reply with refused
When the *transfer* plugin is not loaded and of the handlers will still
see the AXFR/IXFR request because it is not intercepted.
They need to reply with REFUSED in that case. Update file, auto and k8s
to do this. Add testcase in the file plugin.
Ideally *erratic* should be moved over as well, but maybe that's
*erratic*
This is a bug fix.
Signed-off-by: Miek Gieben <miek@miek.nl>
* import path
Signed-off-by: Miek Gieben <miek@miek.nl>
