Oto Šťáva [Mon, 27 May 2024 10:59:51 +0000 (12:59 +0200)]
Non-trivial merge 'master-5' (see 'modules/stats')
modules/stats: adapt aggregate stats to the new hierarchical format
Knot Resolver 6 changed the structure of the stats return value, making
it more hierarchical, i.e. the returned object contains nested
"sub-objects", rather than being flat. This commit adapts the new
aggregate stats to this new structure, for consistency.
Vladimír Čunát [Mon, 20 May 2024 11:32:52 +0000 (13:32 +0200)]
modules/stats: split request.* metrics to IPv4 and IPv6
Let's have .total4 and .total6, too. Then .total could be expressed
as a sum of *three* (including .internal), so it's still counted
separately, as an exception.
Oto Šťáva [Tue, 7 May 2024 14:41:42 +0000 (16:41 +0200)]
tests/pytests/utils: handle SSLEOFError
It used to just throw BrokenPipeError, but newer versions of Python have
a separate exception for when the connection is closed in violation of
TLS rules, which Knot Resolver does deliberately so as to not waste time
on properly closing TLS connections with misbehaving peers.
Oto Šťáva [Tue, 7 May 2024 11:29:32 +0000 (13:29 +0200)]
test/pytests/test_tls: remove resumption test
Knot Resolver disables resumption on TLS <=1.2 as it is vulnerable to
replay attacks, so the test makes no sense, as that one was specifically
disabled for TLS >=1.3 (Python had no support for it at the time).
We should make a new test for this with TLS 1.3 support.
Oto Šťáva [Mon, 29 Apr 2024 13:09:01 +0000 (15:09 +0200)]
Silence Clang-Tidy
This commit makes lots of changes to the C code to appease the
Clang-Tidy linter. Some of the less obvious ones are due to C's weird
semantics regarding handling of numeric literals.
We also disable a bunch of the detections because they are
super-pedantic, arguably useless, or we have our own unwritten coding
style rules that solve the issues.
Oto Šťáva [Tue, 23 Apr 2024 14:34:08 +0000 (16:34 +0200)]
.gitlab-ci, tests, modules: adapt to knot-resolver-ci repo
This is the bulk of the CI/CD overhaul.
Most of the changes are to the `.gitlab-ci.yml` file, where the build
images used are replaced with the ones provided by the
`knot-resolver-ci` repository. Some cleanups have also been done.
The commit also adds unit testing with Knot Resolver built against
multiple versions of Knot DNS, including the `master` branch. The
`master` branch image is built nightly in the `knot-resolver-ci` repo.
We have also removed `scan-build`, as its tests change frequently, with
lots of false-positives, which are very different on each version, and
there is no good way to ignore some detections. Clang-Tidy covers some
of the same issues, and we also have Coverity Scan. Should be more than
enough.
A few config tests were also excluded in the AddressSanitizer tests,
because they produce false-positives.
Vladimír Čunát [Thu, 9 May 2024 06:36:08 +0000 (08:36 +0200)]
Resolve !1509 with 6.0 (libknot 3.4 compatibility)
- some knot_wire_next_label() calls were added since master,
so those get changed as in a083f3fe63cffbabb19e6b67848151f4bb6d623c
- some code has moved since master (to lib/resolve-produce.c),
and unfortunately the MR !1509 did change some of it,
and git was unable to handle this automatically
This merge commit is separate, only bringing !1509 and no other
changes from master, so that it's easier to understand.
Aleš Mrázek [Thu, 21 Mar 2024 13:53:54 +0000 (14:53 +0100)]
manager: api: metrics: JSON support as default
- /metrics - returns 301, redirects to /metrics/json
- /metrics/json - exports metrics in JSON format
- /metrics/prometheus - optional, exports metrics in Prometheus format, returns 404 if not supported
Oto Šťáva [Fri, 5 Apr 2024 09:57:22 +0000 (11:57 +0200)]
daemon/meson.build: add install_rpath to kresd
This fixes the default use-case for developers when they put their
install prefix somewhere where the system `LD_LIBRARY_PATH` does not
point. Before this, `kresd` would fail to start after `ninja install`
because it would not be able to find the `libkres.so` library.
The original workaround to this was to use `meson configure
-Ddefault_library=static`, but firstly, we would like it to be working
with the default settings, and secondly, we would like to have it as
similar to what most users will encounter as possible.
Oto Šťáva [Tue, 2 Apr 2024 09:29:29 +0000 (11:29 +0200)]
distro/pkg/rpm: use noreplace for config.yaml
Adds `%config(noreplace)` to `config.yaml`. This prevents the package
from overwriting the user's edited configuration upon update, and
instead adds the new default configuration as a `.rpmnew` file for the
user to potentially consider.
Vladimír Čunát [Fri, 22 Mar 2024 10:56:30 +0000 (11:56 +0100)]
lib/rules: increase default DB size to 2G on 64-bit platforms
The file is sparse, which really is supported by all sane filesystems
nowadays I think. But for 32-bit systems I'm a bit afraid for the
ability to reliably get such a large contiguous mapping in process memory,
so there we take the 500M limit tested in knot-dns:
https://gitlab.nic.cz/knot/knot-dns/-/blob/v3.3.5/src/knot/conf/schema.c#L39
Vladimír Čunát [Fri, 22 Mar 2024 10:45:51 +0000 (11:45 +0100)]
manager: increase startup timeout for processes
In production I believe we can assume that process continuing to work
without bailing out is probably doing something useful, e.g.
in case of kresd it might be preparing a very large rule-set.
projects / thirdparty / knot-resolver.git / log
