Host connection #1078
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| //===----------------------------------------------------------------------===// | ||
| // Copyright © 2026 Apple Inc. and the container project authors. | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // https://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
| //===----------------------------------------------------------------------===// | ||
|
|
||
| import ContainerizationError | ||
| import Foundation | ||
| import Logging | ||
|
|
||
| public class DirectoryWatcher { | ||
| public let directoryURL: URL | ||
|
|
||
| private let monitorQueue: DispatchQueue | ||
| private var source: DispatchSourceFileSystemObject? | ||
|
|
||
| private let log: Logger | ||
|
|
||
| init(directoryURL: URL, log: Logger) { | ||
| self.directoryURL = directoryURL | ||
| self.monitorQueue = DispatchQueue(label: "monitor:\(directoryURL.path)") | ||
| self.log = log | ||
| } | ||
|
|
||
| public func startWatching(handler: @escaping ([URL]) throws -> Void) throws { | ||
| guard source == nil else { | ||
| throw ContainerizationError(.invalidState, message: "already watching on \(directoryURL.path)") | ||
| } | ||
|
|
||
| do { | ||
| let files = try FileManager.default.contentsOfDirectory(atPath: directoryURL.path) | ||
| try handler(files.map { directoryURL.appending(path: $0) }) | ||
| } catch { | ||
| throw ContainerizationError(.invalidState, message: "failed to start watching on \(directoryURL.path)") | ||
| } | ||
|
|
||
| log.info("starting directory watcher for \(directoryURL.path)") | ||
|
|
||
| let descriptor = open(directoryURL.path, O_EVTONLY) | ||
|
|
||
| source = DispatchSource.makeFileSystemObjectSource( | ||
| fileDescriptor: descriptor, | ||
| eventMask: .write, | ||
| queue: monitorQueue | ||
| ) | ||
|
|
||
| source?.setEventHandler { [weak self] in | ||
| guard let self else { return } | ||
|
|
||
| do { | ||
| let files = try FileManager.default.contentsOfDirectory(atPath: directoryURL.path) | ||
| try? handler(files.map { directoryURL.appending(path: $0) }) | ||
| } catch { | ||
| self.log.info("failed to run handler for \(directoryURL.path)") | ||
| } | ||
| } | ||
|
|
||
| source?.resume() | ||
| } | ||
|
|
||
| deinit { | ||
| guard let source else { | ||
| return | ||
| } | ||
|
|
||
| source.cancel() | ||
| } | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,112 @@ | ||
| //===----------------------------------------------------------------------===// | ||
| // Copyright © 2026 Apple Inc. and the container project authors. | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // https://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
| //===----------------------------------------------------------------------===// | ||
|
|
||
| import ContainerAPIClient | ||
| import ContainerPersistence | ||
| import ContainerizationError | ||
| import DNS | ||
| import DNSServer | ||
| import Foundation | ||
| import Logging | ||
|
|
||
| class LocalhostDNSHandler: DNSHandler { | ||
| private let ttl: UInt32 | ||
| private let watcher: DirectoryWatcher | ||
|
|
||
| private var dns: [String: IPv4] | ||
|
|
||
| public init(resolversURL: URL = HostDNSResolver.defaultConfigPath, ttl: UInt32 = 5, log: Logger) { | ||
| self.ttl = ttl | ||
|
|
||
| self.watcher = DirectoryWatcher(directoryURL: resolversURL, log: log) | ||
| self.dns = [:] | ||
| } | ||
|
|
||
| public func monitorResolvers() throws { | ||
| try self.watcher.startWatching { fileURLs in | ||
| var dns: [String: IPv4] = [:] | ||
| let regex = try Regex(HostDNSResolver.localhostOptionsRegex) | ||
|
|
||
| for file in fileURLs.filter({ $0.lastPathComponent.starts(with: HostDNSResolver.containerizationPrefix) }) { | ||
| let content = try String(contentsOf: file, encoding: .utf8) | ||
|
|
||
| if let match = content.firstMatch(of: regex), | ||
| let ipv4 = IPv4(String(match[1].substring ?? "")) | ||
| { | ||
| let name = String(file.lastPathComponent.dropFirst(HostDNSResolver.containerizationPrefix.count)) | ||
| dns[name + "."] = ipv4 | ||
| } | ||
| } | ||
| self.dns = dns | ||
| } | ||
| } | ||
|
|
||
| public func answer(query: Message) async throws -> Message? { | ||
| let question = query.questions[0] | ||
| var record: ResourceRecord? | ||
| switch question.type { | ||
| case ResourceRecordType.host: | ||
| if let ip = dns[question.name] { | ||
| record = HostRecord<IPv4>(name: question.name, ttl: ttl, ip: ip) | ||
| } | ||
| case ResourceRecordType.host6: | ||
| return Message( | ||
| id: query.id, | ||
| type: .response, | ||
| returnCode: .noError, | ||
| questions: query.questions, | ||
| answers: [] | ||
| ) | ||
| case ResourceRecordType.nameServer, | ||
| ResourceRecordType.alias, | ||
| ResourceRecordType.startOfAuthority, | ||
| ResourceRecordType.pointer, | ||
| ResourceRecordType.mailExchange, | ||
| ResourceRecordType.text, | ||
| ResourceRecordType.service, | ||
| ResourceRecordType.incrementalZoneTransfer, | ||
| ResourceRecordType.standardZoneTransfer, | ||
| ResourceRecordType.all: | ||
| return Message( | ||
| id: query.id, | ||
| type: .response, | ||
| returnCode: .notImplemented, | ||
| questions: query.questions, | ||
| answers: [] | ||
| ) | ||
| default: | ||
| return Message( | ||
| id: query.id, | ||
| type: .response, | ||
| returnCode: .formatError, | ||
| questions: query.questions, | ||
| answers: [] | ||
| ) | ||
| } | ||
|
|
||
| guard let record else { | ||
| return nil | ||
| } | ||
|
|
||
| return Message( | ||
| id: query.id, | ||
| type: .response, | ||
| returnCode: .noError, | ||
| questions: query.questions, | ||
| answers: [record] | ||
| ) | ||
| } | ||
| } |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you mean by
resource ID? Is it in the context of ManagedResource?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes but you suggest an interesting point. When we implement the ManagedResource stuff and if we did make domains a managed resource, the domain name property might be independent of its resource ID.
That's something for another PR though, the comment will be helpful to someone who's looking at the code for the first time.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, once we use resource ID, we should update this to use resource ID also.