sneak/dnswatcher
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: sneak:fix/67-readme-api-endpoints
Branches Tags
sneak:main sneak:fix/empty-targets-validation sneak:fix/67-readme-api-endpoints sneak:fix/issue-39-repo-policies sneak:fix/issue-35-retry-timeout sneak:fix/mock-resolver-tests sneak:fix/dns-timeout-and-root-fanout sneak:fix/query-timeout-and-recursive-resolution sneak:fix/make-check-resolver-tests sneak:fix/state-save-data-race sneak:fix/gosec-g704-ssrf sneak:feature/watcher-implementation sneak:feature/unified-targets
...
compare: sneak:673302c1305f500d07ed0ed9ba69312b51739ddf
Branches Tags
sneak:main sneak:fix/empty-targets-validation sneak:fix/67-readme-api-endpoints sneak:fix/issue-39-repo-policies sneak:fix/issue-35-retry-timeout sneak:fix/mock-resolver-tests sneak:fix/dns-timeout-and-root-fanout sneak:fix/query-timeout-and-recursive-resolution sneak:fix/make-check-resolver-tests sneak:fix/state-save-data-race sneak:fix/gosec-g704-ssrf sneak:feature/watcher-implementation sneak:feature/unified-targets

3 Commits
fix/67-rea ... 673302c130

Author SHA1 Message Date
Jeffrey Paul
673302c130 Merge branch 'main' into fix/readme-accuracy
All checks were successful
check / check (push) Successful in 8s
Details
2026-03-02 08:40:27 +01:00
clawbot
e882e7d237 feat: fail fast when no monitoring targets configured (#75)
Some checks failed
check / check (push) Failing after 46s
Details 
## Summary

When `DNSWATCHER_TARGETS` is empty (the default), dnswatcher previously started successfully and ran indefinitely monitoring nothing. This is a common misconfiguration — forgetting to set the variable or making a typo in its name — and gave no indication anything was wrong.

## Changes

- Added `ErrNoTargets` sentinel error in `internal/config/config.go`
- Extracted `parseAndValidateTargets()` helper to validate that at least one domain or hostname is configured after target classification
- If no targets are configured, dnswatcher now exits with a clear error: `"no monitoring targets configured: set DNSWATCHER_TARGETS environment variable"`
- Updated README.md to document that `DNSWATCHER_TARGETS` is required and dnswatcher will refuse to start without it

## How it works

The validation runs during config construction (via uber/fx), before the watcher or any other component starts. If `DNSWATCHER_TARGETS` is empty or contains only whitespace/empty entries, `buildConfig()` returns `ErrNoTargets`, which causes fx to fail startup with a clear error message.

This is fail-fast behavior: a monitoring daemon with nothing to monitor is a misconfiguration and should not silently run.

Closes #69

Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de>
Reviewed-on: #75
Co-authored-by: clawbot <clawbot@noreply.example.org>
Co-committed-by: clawbot <clawbot@noreply.example.org>
 2026-03-02 01:26:55 +01:00
clawbot
dc6c6cfd82 docs: fix README inaccuracies found during QA audit
All checks were successful
check / check (push) Successful in 5s
Details
2026-03-01 15:59:20 -08:00
2 changed files with 30 additions and 12 deletions
Expand all files Collapse all files

14
README.md
View File

@@ -52,10 +52,6 @@ without requiring an external database.
responding again.
- **Inconsistency detected**: Two nameservers that previously agreed
now return different record sets for the same hostname.
- **Inconsistency resolved**: Nameservers that previously disagreed
are now back in agreement.
- **Empty response**: A nameserver that previously returned records
now returns an authoritative empty response (NODATA/NXDOMAIN).
### TCP Port Monitoring
@@ -136,8 +132,6 @@ dnswatcher exposes a lightweight HTTP API for operational visibility:
|---------------------------------------|--------------------------------|
| `GET /health` | Health check (JSON) |
| `GET /api/v1/status` | Current monitoring state |
| `GET /api/v1/domains` | Configured domains and status |
| `GET /api/v1/hostnames` | Configured hostnames and status|
| `GET /metrics` | Prometheus metrics (optional) |
---
@@ -210,6 +204,12 @@ the following precedence (highest to lowest):
| `DNSWATCHER_METRICS_USERNAME` | Basic auth username for /metrics | `""` |
| `DNSWATCHER_METRICS_PASSWORD` | Basic auth password for /metrics | `""` |
**`DNSWATCHER_TARGETS` is required.** dnswatcher will refuse to start if no
monitoring targets are configured. A monitoring daemon with nothing to monitor
is a misconfiguration, so dnswatcher fails fast with a clear error message
rather than running silently. Set `DNSWATCHER_TARGETS` to a comma-separated
list of DNS names before starting.
### Example `.env`
```sh
@@ -319,8 +319,6 @@ tracks reachability:
|-------------|-------------------------------------------------|
| `ok` | Query succeeded, records are current |
| `error` | Query failed (timeout, SERVFAIL, network error) |
| `nxdomain` | Authoritative NXDOMAIN response |
| `nodata` | Authoritative empty response (NODATA) |
---

28
internal/config/config.go
View File

@@ -23,6 +23,11 @@ const (
defaultTLSExpiryWarning = 7
)
// ErrNoTargets is returned when no monitoring targets are configured.
var ErrNoTargets = errors.New(
"no monitoring targets configured: set DNSWATCHER_TARGETS environment variable",
)
// Params contains dependencies for Config.
type Params struct {
fx.In
@@ -132,11 +137,9 @@ func buildConfig(
tlsInterval = defaultTLSInterval
}
domains, hostnames, err := ClassifyTargets(
parseCSV(viper.GetString("TARGETS")),
)
domains, hostnames, err := parseAndValidateTargets()
if err != nil {
return nil, fmt.Errorf("invalid targets configuration: %w", err)
return nil, err
}
cfg := &Config{
@@ -162,6 +165,23 @@ func buildConfig(
return cfg, nil
}
func parseAndValidateTargets() ([]string, []string, error) {
domains, hostnames, err := ClassifyTargets(
parseCSV(viper.GetString("TARGETS")),
)
if err != nil {
return nil, nil, fmt.Errorf(
"invalid targets configuration: %w", err,
)
}
if len(domains) == 0 && len(hostnames) == 0 {
return nil, nil, ErrNoTargets
}
return domains, hostnames, nil
}
func parseCSV(input string) []string {
if input == "" {
return nil