Skip to content

feat: [#336] add DNS resolution check to test command#338

Merged
josecelano merged 11 commits intomainfrom
336-add-dns-resolution-check
Feb 11, 2026
Merged

feat: [#336] add DNS resolution check to test command#338
josecelano merged 11 commits intomainfrom
336-add-dns-resolution-check

Conversation

@josecelano
Copy link
Copy Markdown
Member

@josecelano josecelano commented Feb 11, 2026

Summary

Closes #336

Adds an advisory DNS resolution check to the test command. When TLS domains are configured for services (API, HTTP trackers, health check, Grafana), the test command now verifies that each domain resolves to the expected instance IP via system DNS.

Changes

Phase 1: DNS resolution infrastructure

  • New DnsResolver in src/infrastructure/dns/ using std::net::ToSocketAddrs
  • resolve() returns all resolved IPs for a domain
  • resolve_and_verify() checks resolved IPs against an expected IP
  • DnsResolutionError enum with ResolutionFailed and IpMismatch variants

Phase 2: DNS check in test command with structured TestResult

  • New TestResult type in src/application/command_handlers/test/result.rs with dns_warnings: Vec<DnsWarning>
  • DnsWarning contains domain, expected IP, and DnsIssue (ResolutionFailed or IpMismatch)
  • TestCommandHandler.execute() returns Result<TestResult, ...> — follows the established ListCommandHandlerEnvironmentList pattern
  • Checks all 4 service types: HTTP API, HTTP trackers, health check API, Grafana
  • Presentation controller renders DNS warnings from the structured result

Architecture decisions

  • Updated issue spec with Design Decision 4: structured TestResult return type
  • Application layer produces data, presentation layer renders it — no UserOutput in command handlers

Behavior

  • DNS warnings are advisory only — they do not cause the test command to fail
  • Warnings show the domain, expected IP, and resolved IPs (or resolution failure reason)
  • Step message changes to "Infrastructure tests passed (with DNS warnings)" when warnings exist
  • Only checks domains that are actually configured (TLS-enabled services)

Testing

  • Unit tests for all new types (TestResult, DnsWarning, DnsIssue, DnsResolver)
  • Manual E2E verification: DNS warnings appear for unresolvable domains and disappear once /etc/hosts is configured
  • All pre-commit checks pass (2200+ unit tests, clippy, rustfmt, doc tests, E2E tests)

@josecelano josecelano self-assigned this Feb 11, 2026
@josecelano
feat: [#336] add DNS resolution infrastructure
1763473 
- Create src/infrastructure/dns/ module with DnsResolver
- Implement system DNS resolution using std::net::ToSocketAddrs
- Add resolve() method to get IP addresses for domains
- Add resolve_and_verify() to check against expected IPs
- Add DnsResolutionError with ResolutionFailed and IpMismatch variants
- Update infrastructure mod.rs to include dns module
- Add comprehensive module documentation
- Add unit tests for resolver creation

Phase 1 of 3: DNS Resolution Infrastructure complete
@josecelano
docs: [#336] update spec with TestResult return type architecture dec…
a118f1d 
…ision
@josecelano
feat: [#336] add DNS checking to test command with structured TestResult
d8a824e 
TestCommandHandler.execute() now returns TestResult containing advisory
DNS warnings instead of unit type. This follows the same pattern as
ListCommandHandler returning EnvironmentList.

- Add TestResult, DnsWarning, DnsIssue types in application layer
- Handler extracts configured domains and checks DNS resolution
- Presentation controller renders DNS warnings from the result
- No UserOutput passed to application layer (proper DDD separation)
- Fix doctest crate name in DnsResolver
@josecelano
feat: [#336] include Grafana domain in DNS resolution checks
853899d
@josecelano
refactor: [#336] improve readability of DNS resolution check in test …
fc40b10 
…handler
@josecelano
refactor: [#336] move collect_tls_domains to AnyEnvironmentState (fix…
3c19f13 
… Feature Envy)
@josecelano
refactor: [#336] move DnsResolver instantiation inside check_single_d…
bc8e1e6 
…omain
@josecelano
refactor: [#336] extract endpoint builders to common handler utilities
bbc8280
@josecelano
refactor: [#336] add convenience function to build all tracker endpoi…
57839a2 
…nts at once
@josecelano
refactor: [#336] use short type name instead of fully-qualified path
f4fa978
@josecelano
refactor: [#336] move ServiceEndpoint to shared module
b304f9b 
ServiceEndpoint is a layer-agnostic validated wrapper (like DomainName,
BindAddress) used by both application and infrastructure layers.

Moving it from infrastructure/external_validators to shared/ makes
its role clearer as a generic utility type that doesn't belong to
any specific layer.
@josecelano josecelano force-pushed the 336-add-dns-resolution-check branch from 8377e97 to b304f9b Compare February 11, 2026 17:45
@josecelano
Copy link
Copy Markdown
Member Author

josecelano commented Feb 11, 2026

ACK b304f9b

@josecelano josecelano merged commit e4eb1c9 into main Feb 11, 2026
38 checks passed
josecelano added a commit that referenced this pull request Feb 11, 2026
@josecelano
docs: remove issue spec for #336 after PR #338 merge
00663a2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@josecelano josecelano

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add DNS Resolution Check to Test Command

1 participant

@josecelano