Verifies that calling Migrate() twice succeeds without error and that
seed data (2 zones, 12 records) is present exactly once.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Migration v2: INSERT → INSERT OR IGNORE for idempotency
- Config: validate server.tls_cert and server.tls_key are non-empty
- gRPC: add input validation matching REST handlers
- gRPC: add logger to zone/record services, log timestamp parse errors
- REST+gRPC: extract SOA defaults into shared db.ApplySOADefaults()
- DNS: simplify SOA query condition (remove dead code from precedence bug)
- Startup: consolidate shutdown into shutdownAll(), clean up gRPC listener
on error path, shut down sibling servers when one fails
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Full integration tests exercising gRPC services through real server with
mock MCIAS auth. Covers all CRUD operations for zones and records,
health check bypass, auth/admin interceptor enforcement, CNAME
exclusivity conflicts, and method map completeness verification.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Cover all REST handlers with httptest-based tests using real SQLite:
zones (list, get, create, update, delete), records (list, get, create,
update, delete with validation/conflict cases), requireAdmin middleware
(admin, non-admin, missing context), and utility functions (writeJSON,
writeError, extractBearerToken, tokenInfoFromContext).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Populates the database on first run with the two existing zones
(svc.mcp.metacircular.net, mcp.metacircular.net) and all their A
records (metacrypt, mcr, sgard, mcp-agent, rift, ns).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace the CoreDNS precursor with a purpose-built authoritative DNS
server. Zones and records (A, AAAA, CNAME) are stored in SQLite and
managed via synchronized gRPC + REST APIs authenticated through MCIAS.
Non-authoritative queries are forwarded to upstream resolvers with
in-memory caching.
Key components:
- DNS server (miekg/dns) with authoritative zone handling and forwarding
- gRPC + REST management APIs with MCIAS auth (mcdsl integration)
- SQLite storage with CNAME exclusivity enforcement and auto SOA serials
- 30 tests covering database CRUD, DNS resolution, and caching
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
