libs/tools: change resolve_identifier() to return ipv4 and ipv6 separately
All checks were successful
bundlewrap/pipeline/head This commit looks good

This commit is contained in:
Franzi 2020-11-09 18:46:37 +01:00
parent 67386d9efa
commit eaf268aea9
Signed by: kunsi
GPG key ID: 12E3D2136B818350
3 changed files with 28 additions and 28 deletions

View file

@ -35,9 +35,8 @@ def get_ips_of_secondary_nameservers(metadata):
ips = set() ips = set()
for rnode in repo.nodes_in_group('dns'): for rnode in repo.nodes_in_group('dns'):
if rnode.metadata.get('powerdns/is_secondary', False): if rnode.metadata.get('powerdns/is_secondary', False):
ips.update({ for identifier, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
str(ip) for ip in repo.libs.tools.resolve_identifier(repo, rnode.name) ips.update({str(ip) for ip in found_ips})
})
return { return {
'powerdns': { 'powerdns': {
@ -53,9 +52,8 @@ def get_ips_of_primary_nameservers(metadata):
ips = set() ips = set()
for rnode in repo.nodes_in_group('dns'): for rnode in repo.nodes_in_group('dns'):
if not rnode.metadata.get('powerdns/is_secondary', False): if not rnode.metadata.get('powerdns/is_secondary', False):
ips.update({ for identifier, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
str(ip) for ip in repo.libs.tools.resolve_identifier(repo, rnode.name) ips.update({str(ip) for ip in found_ips})
})
return { return {
'powerdns': { 'powerdns': {
@ -75,29 +73,19 @@ def generate_dns_entries_for_nodes(metadata):
ip4 = None ip4 = None
ip6 = None ip6 = None
ips = repo.libs.tools.resolve_identifier(repo, rnode.name) found_ips = repo.libs.tools.resolve_identifier(repo, rnode.name)
for ip in ips: for ip in sorted(found_ips['ipv4']):
if ( if not ip4 and not ip.is_private:
not ip4 and
not ip.is_private and
'.' in str(ip) # poor-mans 'is this ipv4' detection
):
ip4 = ip ip4 = ip
if ( for ip in sorted(found_ips['ipv6']):
not ip6 and if not ip6 and not ip.is_private:
not ip.is_private and
':' in str(ip)
):
ip6 = ip ip6 = ip
# We're doing this once again to get the nodes which only have # We're doing this once again to get the nodes which only have
# private ips. # private ips.
if not ip4: if not ip4 and len(found_ips['ipv4']):
for ip in ips: ip4 = sorted(found_ips['ipv4'])[0]
if '.' in str(ip):
ip4 = ip
break
if ip4: if ip4:
results.add('{} IN A {}'.format(dns_name, ip4)) results.add('{} IN A {}'.format(dns_name, ip4))

View file

@ -36,9 +36,10 @@ def populate_permitted_ips_list_with_ips_from_repo(metadata):
ips = set() ips = set()
for rnode in repo.nodes: for rnode in repo.nodes:
for ip in repo.libs.tools.resolve_identifier(repo, rnode.name): for identifier, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
if not ip.is_private: for ip in found_ips:
ips.add(str(ip)) if not ip.is_private:
ips.add(str(ip))
return { return {
'rspamd': { 'rspamd': {

View file

@ -1,5 +1,5 @@
from bundlewrap.exceptions import NoSuchGroup, NoSuchNode from bundlewrap.exceptions import NoSuchGroup, NoSuchNode
from ipaddress import ip_address from ipaddress import ip_address, IPv4Address
def resolve_identifier(repo, identifier): def resolve_identifier(repo, identifier):
""" """
@ -29,4 +29,15 @@ def resolve_identifier(repo, identifier):
if node.metadata.get('external_ipv4', None): if node.metadata.get('external_ipv4', None):
found_ips.add(ip_address(node.metadata.get('external_ipv4'))) found_ips.add(ip_address(node.metadata.get('external_ipv4')))
return found_ips ip_dict = {
'ipv4': set(),
'ipv6': set(),
}
for ip in found_ips:
if isinstance(ip, IPv4Address):
ip_dict['ipv4'].add(ip)
else:
ip_dict['ipv6'].add(ip)
return ip_dict