Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: move DNS checker slackbot from lambda #1367

Merged
merged 6 commits into from
Jun 4, 2024

Conversation

dcshzj
Copy link
Contributor

@dcshzj dcshzj commented May 10, 2024

Problem

The DNS checker Slackbot currently lives inside a lambda.

Solution

Breaking Changes

  • Yes - this PR contains breaking changes
  • No - this PR is backwards compatible with ALL of the following feature flags in this doc

Features:

  • Move the lambda function into the CMS support container.
    • There's quite a bit of permutations on the possible states, so the code is a little jank. Open to suggestions on how we can improve it.

Tests

  • Use the slash command /stagingasjklasd inside our Slack (this is connected to our staging instance)
  • Verify the output for a few domains

Deploy Notes

None

@dcshzj dcshzj marked this pull request as ready for review May 10, 2024 09:00
@dcshzj dcshzj requested a review from a team May 10, 2024 09:00
@@ -41,5 +42,26 @@ const handleWhitelistEmails: RequestHandler<
}
}

const handleDnsChecker: RequestHandler<
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

trouble you to remove the console.log in line 22 please

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed in 15d5512!

message: `Sorry, \`${req.body.text}\` is not a valid domain name. Please try again with a valid one instead.`,
})

// We need to return 200 OK to Slack before we process the request
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this comment misplaced? seems like we only return a 200 after we actually to the dns calls and get a proper response.

also why are we optimising for api response times here ah? shouldn't this just be a ping to the domain name, should be at most 2-3 network calls no?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh yeah the comment was for a previous iteration where the response was done later, but opted to return immediately for simplicity.

Removed in 15d5512!

support/routes/v2/isobot/ops/botService.ts Show resolved Hide resolved
Promise.race([
dns.resolveCname(domain),
new Promise<null>((_, reject) =>
setTimeout(() => reject(null), DNS_TIMEOUT)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rather than null can just put something like timeout exceeded

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

arh unless this was a typing thing

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yeah the logger.info would have captured this.


getValidatedDomain(payload: SlackPayload) {
const { text: domain } = payload
const DOMAIN_NAME_REGEX = /^[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$/
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

damn where did 61 come from

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Domain names have a character limit of 63 characters per part, so the 61 comes from the 63 minus the first and last character.

: `${domain.replaceAll(".", "-")}.${DNS_INDIRECTION_DOMAIN}`

return ResultAsync.combine([
okAsync(null),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i believe this is misplaced

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm no, this one is explicit to be null because the cnameDomain does not actually exist, so we know that it is not valid.

])
})
.andThen(
([cnameDomain, cnameRecord, indirectionDomain, indirectionRecords]) => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: prefer obj over passing in an array so we dont mix up the elements accidently

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No strong opinions here but was thinking of structuring it this way so that each step of the checking process is separate. Alternatively doing the object method means they would be in a single ResultAsync.combine(). Possible but would prefer keeping it the current way for better understanding of the process flow, let me know your thoughts.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adjusted in d33c2d0!

const isIntermediateValid =
intermediateRecords &&
((cnameRecord &&
cnameRecord.endsWith(".kxcdn.com") &&
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think we declared the suffixes in a different constants.ts file

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm couldn't find this definition :(

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dcshzj dcshzj requested a review from kishore03109 May 13, 2024 12:52
@@ -77,6 +77,7 @@ export const REDIRECTION_SERVER_IPS = [
"18.139.47.66",
]
export const DNS_INDIRECTION_DOMAIN = "hostedon.isomer.gov.sg"
export const DNS_CNAME_SUFFIXES = ["cloudfront.net", "kxcdn.com"]
Copy link
Contributor

@kishore03109 kishore03109 May 13, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sir I meant that its declared in the constants file here haha, approving this pr with nits to use the constants rather than declaring the string in line

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah okay, updated in 3ea7d34!

@kishore03109 kishore03109 self-requested a review May 13, 2024 23:51
@harishv7 harishv7 force-pushed the harish/isom-1037-create-automation-for-prod-ops-to-whitelist branch from 11af7df to 89e4bf5 Compare May 19, 2024 06:44
@seaerchin seaerchin force-pushed the harish/isom-1037-create-automation-for-prod-ops-to-whitelist branch from 3103275 to 4e961c3 Compare June 4, 2024 09:25
@seaerchin seaerchin requested a review from a team June 4, 2024 09:25
Base automatically changed from harish/isom-1037-create-automation-for-prod-ops-to-whitelist to develop June 4, 2024 10:09
@seaerchin seaerchin enabled auto-merge (squash) June 4, 2024 10:11
@seaerchin seaerchin force-pushed the feat/slackbot-dnschecker branch from 3ea7d34 to a404285 Compare June 4, 2024 10:11
@seaerchin seaerchin merged commit 436ada2 into develop Jun 4, 2024
11 of 12 checks passed
@seaerchin seaerchin deleted the feat/slackbot-dnschecker branch June 4, 2024 10:16
@alexanderleegs alexanderleegs mentioned this pull request Jun 13, 2024
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants