Add ability to specify a server on DNS resources (goss-org#170)

* Add ability to specify a server on DNS resources Originally, the DNS resource used the golang net library to perform a net.lookupHost on DNS resourcces. net.lookupHost uses the local DNS resolver which includes a host file lookup (still useful) as well as DNS lookup. The following behaviour has been implemented: Without the server attribute set, net.lookupHost is used which is great for testing out host entries or just general hostname resolution. With a server attribute set the github.com/miekg/dns library is used to query the server (on port 53). * Add the ability to query different types of DNS record * Fix attribute name in docs * Add ability to specify a server on DNS resources Originally, the DNS resource used the golang net library to perform a net.lookupHost on DNS resourcces. net.lookupHost uses the local DNS resolver which includes a host file lookup (still useful) as well as DNS lookup. The following behaviour has been implemented: Without the server attribute set, net.lookupHost is used which is great for testing out host entries or just general hostname resolution. With a server attribute set the github.com/miekg/dns library is used to query the server (on port 53). * Add the ability to query different types of DNS record * Fix attribute name in docs * Ensure only the appropriate DNS record types are returned * update tests to use dns records that won't change * Amend DNS integration tests * Fix formatting with goimports * Add retry logic to DNSLookup * Comment out retry code for testing build on Travis * Retry 3 times before returning error * Fix bug in DNS lookup code resolveable / returning error. * Remove unnecessary code * Amend func name in comment * Minor format changes
heylon2015 · Feb 18, 2017 · 59c416a · 59c416a
1 parent 315a741
commit 59c416a
Show file tree

Hide file tree

Showing 19 changed files with 778 additions and 37 deletions.
diff --git a/add.go b/add.go
@@ -20,6 +20,7 @@ func AddResources(fileName, resourceName string, keys []string, c *cli.Context)
 		Timeout:           int(c.Duration("timeout") / time.Millisecond),
 		AllowInsecure:     c.Bool("insecure"),
 		NoFollowRedirects: c.Bool("no-follow-redirects"),
+		Server:            c.String("server"),
 	}
 
 	var gossConfig GossConfig

diff --git a/cmd/goss/goss.go b/cmd/goss/goss.go
@@ -227,6 +227,10 @@ func main() {
 							Name:  "timeout",
 							Value: 500 * time.Millisecond,
 						},
+						cli.StringFlag{
+							Name:  "server",
+							Usage: "The IP address of a DNS server to query",
+						},
 					},
 					Action: func(c *cli.Context) error {
 						goss.AddResources(c.GlobalString("gossfile"), "DNS", c.Args(), c)

diff --git a/docs/manual.md b/docs/manual.md
@@ -430,12 +430,51 @@ dns:
     # required attributes
     resolveable: true
     # optional attributes
+    server: 8.8.8.8
     addrs:
     - 127.0.0.1
     - ::1
     timeout: 500 # in milliseconds
 ```
 
+With the server attribute set, it is possible to validate the following types of DNS record:
+
+- A
+- AAAA
+- CNAME
+- MX
+- NS
+- PTR
+- SRV
+- TXT
+
+To validate specific DNS address types, prepend the hostname with the type and a colon, a few examples:
+
+```yaml
+dns:
+  # Validate a CNAME record
+  CNAME:dnstest.github.io:
+    resolveable: true
+    server: 8.8.8.8
+    addrs:
+    - "github.map.fastly.net."
+
+  # Validate a PTR record
+  PTR:8.8.8.8:
+    resolveable: true
+    server: 8.8.8.8
+    addrs:
+    - "google-public-dns-a.google.com."
+
+  # Validate and SRV record
+  SRV:_https._tcp.dnstest.io:
+    resolveable: true
+    server: 8.8.8.8
+    addrs:
+    - "0 5 443 a.dnstest.io."
+    - "10 10 443 b.dnstest.io."
+```
+
 Please note that if you want `localhost` to **only** resolve `127.0.0.1` you'll need to use [Advanced Matchers](#advanced-matchers)
 
 ```yaml
@@ -447,7 +486,6 @@ dns:
     timeout: 500 # in milliseconds
 ```
 
-
 ### file
 Validates the state of a file
 
@@ -673,6 +711,7 @@ Goss supports advanced matchers by converting json input to [gomega](https://ons
 ### Examples
 
 Validate that user `nobody` has a `uid` that is less than `500` and that they are **only** a member of the `nobody` group.
+
 ```yaml
 user:
   nobody:
@@ -684,6 +723,7 @@ user:
 ```
 
 Matchers can be nested for more complex logic, for example you can ensure that you have 3 kernel versions installed and none of them are `4.1.0`:
+
 ```yaml
 package:
   kernel:

diff --git a/glide.lock b/glide.lock
diff --git a/glide.yaml b/glide.yaml
@@ -20,3 +20,4 @@ import:
   subpackages:
   - pkg/mount
 - package: github.com/patrickmn/go-cache
+- package: github.com/miekg/dns
diff --git a/integration-tests/goss/alpine3/goss-expected-q.json b/integration-tests/goss/alpine3/goss-expected-q.json
@@ -82,6 +82,41 @@
         }
     },
     "dns": {
+        "CNAME:c.dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "MX:dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "NS:dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "PTR:8.8.8.8": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "SRV:_https._tcp.dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "TXT:txt._test.dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "ip6.dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
         "localhost": {
             "resolveable": true,
             "timeout": 1000

diff --git a/integration-tests/goss/alpine3/goss-expected.json b/integration-tests/goss/alpine3/goss-expected.json
@@ -98,6 +98,65 @@
         }
     },
     "dns": {
+        "CNAME:c.dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "a.dnstest.io."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "MX:dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "10 b.dnstest.io.",
+                "5 a.dnstest.io."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "NS:dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+              "ns1.dnstest.io.",
+              "ns2.dnstest.io."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "PTR:8.8.8.8": {
+            "resolveable": true,
+            "addrs": [
+                "google-public-dns-a.google.com."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "SRV:_https._tcp.dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "0 5 443 a.dnstest.io.",
+                "10 10 443 b.dnstest.io."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "TXT:txt._test.dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "Hello DNS"
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "ip6.dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "2404:6800:4001:807::200e"
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
         "localhost": {
             "resolveable": true,
             "addrs": [

diff --git a/integration-tests/goss/centos7/goss-expected-q.json b/integration-tests/goss/centos7/goss-expected-q.json
@@ -82,6 +82,41 @@
         }
     },
     "dns": {
+        "CNAME:c.dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "MX:dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "NS:dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "PTR:8.8.8.8": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "SRV:_https._tcp.dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "TXT:txt._test.dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "ip6.dnstest.io": {
+            "resolveable": true,
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
         "localhost": {
             "resolveable": true,
             "timeout": 1000

diff --git a/integration-tests/goss/centos7/goss-expected.json b/integration-tests/goss/centos7/goss-expected.json
@@ -105,6 +105,65 @@
         }
     },
     "dns": {
+        "CNAME:c.dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "a.dnstest.io."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "MX:dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "10 b.dnstest.io.",
+                "5 a.dnstest.io."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "NS:dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+              "ns1.dnstest.io.",
+              "ns2.dnstest.io."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "PTR:8.8.8.8": {
+            "resolveable": true,
+            "addrs": [
+                "google-public-dns-a.google.com."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "SRV:_https._tcp.dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "0 5 443 a.dnstest.io.",
+                "10 10 443 b.dnstest.io."
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "TXT:txt._test.dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "Hello DNS"
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
+        "ip6.dnstest.io": {
+            "resolveable": true,
+            "addrs": [
+                "2404:6800:4001:807::200e"
+            ],
+            "timeout": 1000,
+            "server": "8.8.8.8"
+        },
         "localhost": {
             "resolveable": true,
             "addrs": [