added soa nameserver validator

app/jobs/validate_dnssec_job.rb

@@ -32,6 +32,10 @@ class ValidateDnssecJob < ApplicationJob
 
   def iterate_nameservers(domain)
     domain.nameservers.each do |n|
+      result_nameserver_validation = SoaNameserverQuery.validate(domain_name: domain.name, hostname: n.hostname)
+
+      return unless result_nameserver_validation
+
       validate(hostname: n.hostname, domain: domain)
 
       notify_contacts(domain)

app/services/soa_nameserver_query.rb

@@ -0,0 +1,49 @@
+module SoaNameserverQuery
+  include Dnsruby
+
+  extend self
+
+  def validate(domain_name:, hostname:)
+
+      resolver = create_resolver(hostname)
+
+      answers = resolver.query(domain_name, 'SOA', 'IN')
+      answers.answer.each do |a|
+
+        if a.serial.nil?
+          logger.info "No serial number of nameserver found"
+
+          return false
+        end
+
+        serial_number = a.serial.to_s
+
+        p "-------------- >>"
+        p "serial number #{serial_number} of #{hostname} - domain name: #{domain_name}"
+        p "<< --------------"
+        true
+      end
+
+  rescue StandardError => e
+    logger.error e.message
+    logger.error "failed #{hostname} validation of #{domain_name} domain name"
+
+    false
+  end
+
+  private
+
+  def create_resolver(nameserver)
+    resolver = Dnsruby::Resolver.new
+    resolver.retry_times = 3
+    resolver.recurse = 0  # Send out non-recursive queries
+    # disable caching otherwise SOA is cached from first nameserver queried
+    resolver.do_caching = false
+    resolver.nameserver = nameserver
+    resolver
+  end
+
+  def logger
+    @logger ||= Rails.logger
+  end
+end

test/jobs/validate_dnssec_job_test.rb

@@ -7,26 +7,30 @@ class ValidateDnssecJobTest < ActiveJob::TestCase
     @dnskey = dnskeys(:one)
   end
 
-  # def test_job_should_return_successfully_validated_dnskeys
+  def test_job_should_return_successfully_validated_dnskeys
-  #   @domain.dnskeys << @dnskey
+    # @domain.dnskeys << @dnskey
-  #   @domain.save
+    # @domain.save
-  #   @domain.reload
+    # @domain.reload
-  #
+    #
-  #   mock_zone_data = [
+    # mock_zone_data = [
-  #     {
+    #   {
-  #       flags: @dnskey.flags,
+    #     flags: @dnskey.flags,
-  #       protocol: @dnskey.protocol,
+    #     protocol: @dnskey.protocol,
-  #       alg: @dnskey.alg,
+    #     alg: @dnskey.alg,
-  #       public_key: @dnskey.public_key
+    #     public_key: @dnskey.public_key
-  #     }]
+    #   }]
-  #
+    #
-  #   Spy.on_instance_method(ValidateDnssecJob, :parse_response).and_return(mock_zone_data)
+    # resolver = Spy.mock(Dnsruby::Recursor)
-  #
+    # Spy.on(resolver, :query).and_return true
-  #   ValidateDnssecJob.perform_now(domain_name: @domain.name)
+    # Spy.on_instance_method(ValidateDnssecJob, :parse_response).and_return(mock_zone_data)
-  #
+    # # Spy.on_instance_method(ValidateDnssecJob, :prepare_validator).and_return(true)
-  #   @domain.reload
+    #
-  #   p @domain.dnskeys
+    #
-  # end
+    # ValidateDnssecJob.perform_now(domain_name: @domain.name)
+    #
+    # @domain.reload
+    # p @domain.dnskeys
+  end
 
   # def test_job_discarded_after_error
   #   assert_no_enqueued_jobs