Check indivual records against an allowlist of records like A AAAA CAA CNAME NS PTR SOA SSHFP SRV TXT.
An example of incorrect -> correct record: D4081
Description
Description
Related Objects
Related Objects
- Mentioned Here
- D4081: Correct AAAA record
Event Timeline
Comment Actions
Was initially caught by kzonecheck after deployment of the zone file, and before reloading knot.
Specific check is interesting because they can pinpoint to the issue, so this new linter is welcome.
Meanwhile, if we run systematically make test, we'll catch the issue:
$ make test […] error: failed to run semantic checks Assertion error caught with data set ('../pillar/dns/dns-001/dns_zones.sls', {'dns_zones': ['testdom2.ook.space', 'nasqueron.org'], 'dns_identity': 'ns1.nasqueron.org', 'dns_zone_variables': {'www': {'alkane': {'A': '51.255.124.10', 'AAAA': '2001:41d0:303:d971::517e:c0de'}, 'dev': {'A': '195.154.30.15', 'AAAA': '2001:bc8:2e84:700::da7a:7001'}}}}) F ====================================================================== FAIL: test_zone_content (__main__.Testinstance.test_zone_content) ---------------------------------------------------------------------- Traceback (most recent call last): File "/home/dereckson/dev/python/ops3/lib/python3.11/site-packages/unittest_data_provider/__init__.py", line 7, in repl fn(self, *i) File "/home/dereckson/dev/nasqueron/operations/operations/_tests/roles/python/dns/test_dns_zones.py", line 125, in test_zone_content self.assertTrue( AssertionError: False is not true : Zone for nasqueron.org doesn't pass Knot checks. Edit ../roles/dns/knot/files/zones/nasqueron.org.zone ----------------------------------------------------------------------