skfe/go/dns/dns_test.go - buildbot - Git at Google

 // Unit tests for our Cloud DNS configuration. This tests the configuration of
 // the running configuration of our zone. See the skia.org.zone file for more
 // details.
 package dns

 import (
 	"fmt"
 	"testing"

 	"github.com/miekg/dns"
 	"github.com/stretchr/testify/require"
 )

 // Find the name of the nameservers to use for Cloud DNS by running:
 //
 //	gcloud dns managed-zones describe skia-org
 var allSkiaOrgNameServers = []string{
 	// These names come from running `gcloud dns managed-zones describe skia-org`.
 	"ns-cloud-c1.googledomains.com:53",
 	"ns-cloud-c2.googledomains.com:53",
 	"ns-cloud-c3.googledomains.com:53",
 	"ns-cloud-c4.googledomains.com:53",
 }

 var allLuciAppNameServers = []string{
 	// These names come from running `gcloud dns managed-zones describe luci-app`.
 	"ns-cloud-b1.googledomains.com:53",
 	"ns-cloud-b2.googledomains.com:53",
 	"ns-cloud-b3.googledomains.com:53",
 	"ns-cloud-b4.googledomains.com:53",
 }

 // testSkiaOrgZoneEntry tests a single DNS Zone entry.
 //
 // qType is the record type, and constants for this variable are defined in the
 // dns module.
 func testSkiaOrgZoneEntry(t *testing.T, qType uint16, domainName, expectedValue string) {
 	testZoneEntry(t, qType, domainName, expectedValue, allSkiaOrgNameServers)
 }

 // testLuciAppZoneEntry tests a single DNS Zone entry.
 //
 // qType is the record type, and constants for this variable are defined in the
 // dns module.
 func testLuciAppZoneEntry(t *testing.T, qType uint16, domainName, expectedValue string) {
 	testZoneEntry(t, qType, domainName, expectedValue, allLuciAppNameServers)
 }

 // testSkiaOrgZoneEntry tests a single DNS Zone entry.
 //
 // qType is the record type, and constants for this variable are defined in the
 // dns module.
 func testZoneEntry(t *testing.T, qType uint16, domainName, expectedValue string, nameservers []string) {
 	dnsMsg := &dns.Msg{
 		MsgHdr: dns.MsgHdr{
 			Id:               dns.Id(),
 			RecursionDesired: false,
 		},
 		Question: []dns.Question{
 			{
 				Name:   domainName,
 				Qtype:  qType,
 				Qclass: dns.ClassINET,
 			},
 		},
 	}
 	dnsClient := dns.Client{}

 	t.Run(fmt.Sprintf("%s_%d", domainName, qType), func(t *testing.T) {
 		for _, nameserver := range nameservers {
 			response, _, err := dnsClient.Exchange(dnsMsg, nameserver)
 			require.NoError(t, err, "nameserver: %q", nameserver)
 			require.Contains(t, response.Answer[0].String(), expectedValue, "nameserver: %q", nameserver)
 		}
 	})

 }

 func TestSkiaOrgDNSConfiguration(t *testing.T) {

 	// Keep these tests in the same order as the records appear in
 	// skia.org.zone, to make it easier to confirm that all cases are being
 	// tested.
 	testSkiaOrgZoneEntry(t, dns.TypeMX, "skia.org.", "smtp.google.com.")

 	testSkiaOrgZoneEntry(t, dns.TypeCAA, "skia.org.", "pki.goog")

 	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "_validate_domain.skia.org.", "_validate_domain.pki.goog.")

 	testSkiaOrgZoneEntry(t, dns.TypeA, "androidx2-perf.skia.org.", "34.110.212.89")
 	testSkiaOrgZoneEntry(t, dns.TypeA, "autoroll.skia.org.", "34.110.212.89")
 	testSkiaOrgZoneEntry(t, dns.TypeA, "status.skia.org.", "34.110.212.89")
 	testSkiaOrgZoneEntry(t, dns.TypeA, "cabe.skia.org.", "34.110.212.89")
 	testSkiaOrgZoneEntry(t, dns.TypeA, "perf-infra-public-cdb.skia.org.", "34.110.212.89")
 	testSkiaOrgZoneEntry(t, dns.TypeA, "envoy-admin-panel-public.skia.org.", "34.110.212.89")

 	testSkiaOrgZoneEntry(t, dns.TypeA, "skia.org.", "35.201.76.220")

 	testSkiaOrgZoneEntry(t, dns.TypeTXT, "skia.org.", "v=spf1 include:_spf.google.com ~all")

 	testSkiaOrgZoneEntry(t, dns.TypeTXT, "_dmarc.skia.org.", "v=DMARC1; p=reject; rua=mailto:mailauth-reports@google.com")

 	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "em258.skia.org.", "u26644806.wl057.sendgrid.net.")
 	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "s1._domainkey.skia.org.", "s1.domainkey.u26644806.wl057.sendgrid.net.")
 	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "s2._domainkey.skia.org.", "s2.domainkey.u26644806.wl057.sendgrid.net.")
 	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "url9405.skia.org.", "sendgrid.net.")
 	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "26644806.skia.org.", "sendgrid.net.")

 	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "some-random-sub-domain.skia.org.", "skia.org.")
 }

 func TestLuciAppDNSConfiguration(t *testing.T) {

 	// Keep these tests in the same order as the records appear in
 	// luci.app.zone, to make it easier to confirm that all cases are being
 	// tested.

 	testLuciAppZoneEntry(t, dns.TypeCAA, "luci.app.", "pki.goog")
 	testLuciAppZoneEntry(t, dns.TypeCNAME, "_validate_domain.luci.app.", "_validate_domain.pki.goog.")
 	testLuciAppZoneEntry(t, dns.TypeA, "luci.app.", "34.110.212.89")
 	testLuciAppZoneEntry(t, dns.TypeCNAME, "some-random-sub-domain.luci.app.", "luci.app.")
 }
	// Unit tests for our Cloud DNS configuration. This tests the configuration of
	// the running configuration of our zone. See the skia.org.zone file for more
	// details.
	package dns

	import (
	"fmt"
	"testing"

	"github.com/miekg/dns"
	"github.com/stretchr/testify/require"
	)

	// Find the name of the nameservers to use for Cloud DNS by running:
	//
	// gcloud dns managed-zones describe skia-org
	var allSkiaOrgNameServers = []string{
	// These names come from running `gcloud dns managed-zones describe skia-org`.
	"ns-cloud-c1.googledomains.com:53",
	"ns-cloud-c2.googledomains.com:53",
	"ns-cloud-c3.googledomains.com:53",
	"ns-cloud-c4.googledomains.com:53",
	}

	var allLuciAppNameServers = []string{
	// These names come from running `gcloud dns managed-zones describe luci-app`.
	"ns-cloud-b1.googledomains.com:53",
	"ns-cloud-b2.googledomains.com:53",
	"ns-cloud-b3.googledomains.com:53",
	"ns-cloud-b4.googledomains.com:53",
	}

	// testSkiaOrgZoneEntry tests a single DNS Zone entry.
	//
	// qType is the record type, and constants for this variable are defined in the
	// dns module.
	func testSkiaOrgZoneEntry(t *testing.T, qType uint16, domainName, expectedValue string) {
	testZoneEntry(t, qType, domainName, expectedValue, allSkiaOrgNameServers)
	}

	// testLuciAppZoneEntry tests a single DNS Zone entry.
	//
	// qType is the record type, and constants for this variable are defined in the
	// dns module.
	func testLuciAppZoneEntry(t *testing.T, qType uint16, domainName, expectedValue string) {
	testZoneEntry(t, qType, domainName, expectedValue, allLuciAppNameServers)
	}

	// testSkiaOrgZoneEntry tests a single DNS Zone entry.
	//
	// qType is the record type, and constants for this variable are defined in the
	// dns module.
	func testZoneEntry(t *testing.T, qType uint16, domainName, expectedValue string, nameservers []string) {
	dnsMsg := &dns.Msg{
	MsgHdr: dns.MsgHdr{
	Id: dns.Id(),
	RecursionDesired: false,
	},
	Question: []dns.Question{
	{
	Name: domainName,
	Qtype: qType,
	Qclass: dns.ClassINET,
	},
	},
	}
	dnsClient := dns.Client{}

	t.Run(fmt.Sprintf("%s_%d", domainName, qType), func(t *testing.T) {
	for _, nameserver := range nameservers {
	response, _, err := dnsClient.Exchange(dnsMsg, nameserver)
	require.NoError(t, err, "nameserver: %q", nameserver)
	require.Contains(t, response.Answer[0].String(), expectedValue, "nameserver: %q", nameserver)
	}
	})

	}

	func TestSkiaOrgDNSConfiguration(t *testing.T) {

	// Keep these tests in the same order as the records appear in
	// skia.org.zone, to make it easier to confirm that all cases are being
	// tested.
	testSkiaOrgZoneEntry(t, dns.TypeMX, "skia.org.", "smtp.google.com.")

	testSkiaOrgZoneEntry(t, dns.TypeCAA, "skia.org.", "pki.goog")

	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "_validate_domain.skia.org.", "_validate_domain.pki.goog.")

	testSkiaOrgZoneEntry(t, dns.TypeA, "androidx2-perf.skia.org.", "34.110.212.89")
	testSkiaOrgZoneEntry(t, dns.TypeA, "autoroll.skia.org.", "34.110.212.89")
	testSkiaOrgZoneEntry(t, dns.TypeA, "status.skia.org.", "34.110.212.89")
	testSkiaOrgZoneEntry(t, dns.TypeA, "cabe.skia.org.", "34.110.212.89")
	testSkiaOrgZoneEntry(t, dns.TypeA, "perf-infra-public-cdb.skia.org.", "34.110.212.89")
	testSkiaOrgZoneEntry(t, dns.TypeA, "envoy-admin-panel-public.skia.org.", "34.110.212.89")

	testSkiaOrgZoneEntry(t, dns.TypeA, "skia.org.", "35.201.76.220")

	testSkiaOrgZoneEntry(t, dns.TypeTXT, "skia.org.", "v=spf1 include:_spf.google.com ~all")

	testSkiaOrgZoneEntry(t, dns.TypeTXT, "_dmarc.skia.org.", "v=DMARC1; p=reject; rua=mailto:mailauth-reports@google.com")

	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "em258.skia.org.", "u26644806.wl057.sendgrid.net.")
	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "s1._domainkey.skia.org.", "s1.domainkey.u26644806.wl057.sendgrid.net.")
	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "s2._domainkey.skia.org.", "s2.domainkey.u26644806.wl057.sendgrid.net.")
	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "url9405.skia.org.", "sendgrid.net.")
	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "26644806.skia.org.", "sendgrid.net.")

	testSkiaOrgZoneEntry(t, dns.TypeCNAME, "some-random-sub-domain.skia.org.", "skia.org.")
	}

	func TestLuciAppDNSConfiguration(t *testing.T) {

	// Keep these tests in the same order as the records appear in
	// luci.app.zone, to make it easier to confirm that all cases are being
	// tested.

	testLuciAppZoneEntry(t, dns.TypeCAA, "luci.app.", "pki.goog")
	testLuciAppZoneEntry(t, dns.TypeCNAME, "_validate_domain.luci.app.", "_validate_domain.pki.goog.")
	testLuciAppZoneEntry(t, dns.TypeA, "luci.app.", "34.110.212.89")
	testLuciAppZoneEntry(t, dns.TypeCNAME, "some-random-sub-domain.luci.app.", "luci.app.")
	}