feat(preflights): add host dns wildcard check (#1210)

* add host dns wildcard check * update from code review * rebase * update message * update message
replicatedhq · Oct 14, 2024 · d39db4a · d39db4a
1 parent fd08366
commit d39db4a
Showing 1 changed file with 18 additions and 1 deletion.
diff --git a/pkg/preflights/host-preflight.yaml b/pkg/preflights/host-preflight.yaml
@@ -123,6 +123,10 @@ spec:
           - -c
           - |
             [ -d "{{ .DataDir }}" ] && [ -L "{{ .DataDir }}" ] && echo "{{ .DataDir }} is a symlink" || echo "{{ .DataDir }} is not a symlink"
+    - dns:
+        collectorName: 'wildcard-check'
+        hostnames:
+          - '*'
   analyzers:
     - cpu:
         checkName: CPU
@@ -403,7 +407,7 @@ spec:
         outcomes:
           - fail:
               when: "true"
-              message: "Neither 'nameserver localhost' nor 'nameserver 127.0.0.1' can be present in resolv.conf. Remove them to continue."
+              message: "Local DNS resolver detected. Remove the localhost and/or 127.0.0.1 nameserver entries from resolv.conf."
           - pass:
               when: "false"
               message: "Neither 'nameserver localhost' nor 'nameserver 127.0.01' is present in resolv.conf"
@@ -763,3 +767,16 @@ spec:
           - pass:
               when: 'false'
               message: {{ .DataDir }} is not a symlink.
+    - jsonCompare:
+        checkName: Wildcard DNS
+        fileName: host-collectors/dns/wildcard-check/result.json
+        path: 'resolvedFromSearch'
+        value: |
+          ""
+        outcomes:
+          - fail:
+              when: 'false'
+              message: 'Wildcard DNS entry *.{{ "{{" }}  .resolvedFromSearch {{ "}}" }} detected. Remove the wildcard DNS entry or the {{ "{{" }}  .resolvedFromSearch {{ "}}" }} search domain from resolv.conf.'
+          - pass:
+              when: 'true'
+              message: No wildcard DNS entry detected.