fix(mongodb-cloud-info): if the host's IP is not in a cloud's range, check if the CNAME resolves to AWS. COMPASS-8932 (#526)

* If the host's IP is not in a cloud's range, check if the CNAME resolves to AWS.

* Update packages/mongodb-cloud-info/src/index.ts

Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>

* without the .only

* reformat unrelated code

---------

Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>

Author: lerouxb

packages/dl-center/src/download-center.spec.ts

@@ -86,11 +86,11 @@ describe('download center client', function () {
         createReadStream(fixturePath('asset.txt')),
         {
           acl: 'private',
-        }
+        },
       );
 
       const content = await downloadCenter.downloadAsset(
-        'prefix-private/asset.txt'
+        'prefix-private/asset.txt',
       );
       expect(content?.toString()).to.contain('content');
     });

packages/mongodb-cloud-info/src/index.spec.ts

@@ -87,4 +87,15 @@ describe('getCloudInfo', function () {
       isAzure: true,
     });
   });
+
+  it('returns {isAws: true} if CNAME resolves to an AWS host', async function () {
+    const cloudInfo = await getCloudInfo(
+      'compass-data-sets-shard-00-00.e06dc.mongodb.net',
+    );
+    expect(cloudInfo).to.deep.equal({
+      isAws: true,
+      isGcp: false,
+      isAzure: false,
+    });
+  });
 }).timeout(5000);

packages/mongodb-cloud-info/src/index.ts

@@ -22,6 +22,7 @@ export type RawCloudProviderCIDRs = {
 let unparsedCIDRsPromise: Promise<RawCloudProviderCIDRs> | undefined;
 
 const dnsLookup = util.promisify(dns.lookup.bind(dns));
+const dnsResolveCname = util.promisify(dns.resolveCname.bind(dns));
 
 function rangesContainsIP(
   ipRanges: ParsedCIDRs,
@@ -41,6 +42,18 @@ function parseCIDRs(rawCidrs: RawCIDRs): ParsedCIDRs {
   };
 }
 
+async function hasAWSCname(host: string) {
+  try {
+    const addresses = await dnsResolveCname(host);
+    return addresses.some((address) => address.endsWith('.amazonaws.com'));
+  } catch (err: unknown) {
+    // This can be any of a long list of codes, but in all cases we're just
+    // going to assume that it is not on an AWS host.
+    // (see https://nodejs.org/api/dns.html#error-codes)
+    return false;
+  }
+}
+
 export async function getCloudInfo(host?: string) {
   if (!host) {
     return {
@@ -69,9 +82,15 @@ export async function getCloudInfo(host?: string) {
     throw err;
   }
 
-  return {
+  const info = {
     isAws: rangesContainsIP(parseCIDRs(unparsedCIDRs.aws), ip),
     isGcp: rangesContainsIP(parseCIDRs(unparsedCIDRs.gcp), ip),
     isAzure: rangesContainsIP(parseCIDRs(unparsedCIDRs.azure), ip),
   };
+
+  if (!info.isAws && !info.isGcp && !info.isAzure) {
+    info.isAws = await hasAWSCname(host);
+  }
+
+  return info;
 }