[PR #3167] [MERGED] dns-test: generalize hickory dnssec feature #3606

New issue

Closed

opened 2026-03-16 11:52:53 +03:00 by kerem · 0 comments

kerem commented

2026-03-16 11:52:53 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/hickory-dns/hickory-dns/pull/3167
Author: @cpu
Created: 7/29/2025
Status: ✅ Merged
Merged: 7/30/2025
Merged by: @cpu

Base: main ← Head: cpu-generalize-dnssec-feature_dev

📝 Commits (2)

9c838ee ci: allow dispatch of conformance CI job
afbdc8d dns-test: generalize hickory dnssec feature

📊 Changes

7 files changed (+56 additions, -46 deletions)

View changed files

📝 .github/workflows/conformance.yml (+1 -0)
📝 conformance/README.md (+5 -5)
📝 conformance/packages/dns-test/src/container.rs (+17 -12)
📝 conformance/packages/dns-test/src/docker/hickory.Dockerfile (+5 -5)
📝 conformance/packages/dns-test/src/implementation.rs (+19 -15)
📝 conformance/packages/dns-test/src/lib.rs (+6 -6)
📝 justfile (+3 -3)

📄 Description

Allow specifying just the crypto provider (aws-lc-rs or ring) and use that as a suffix for required features instead of passing a more specific feature (dnssec-aws-lc-rs, dnssec-ring).

Previously the dns-test crate offered the ability to customize the HickoryDNS docker image so the auth server binary was built with either the dnssec-aws-lc-rs Cargo feature, or the dnssec-ring Cargo feature. The dns util binary always used aws-lc-rs unconditionally.

In the future we will want to enable other crate features that require a cryptography provider (e.g. tls-aws-lc-rs or tls-ring for DoT). It's also helpful for build-time to have the hickory-util crate use the same crypto provider as the auth server. By making the argument a crypto provider instead of a specific feature we can accomplish both.

Also, allow triggering the CI run of the full conformance suite on-demand through the web UI.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/hickory-dns/hickory-dns/pull/3167 **Author:** [@cpu](https://github.com/cpu) **Created:** 7/29/2025 **Status:** ✅ Merged **Merged:** 7/30/2025 **Merged by:** [@cpu](https://github.com/cpu) **Base:** `main` ← **Head:** `cpu-generalize-dnssec-feature_dev` --- ### 📝 Commits (2) - [`9c838ee`](https://github.com/hickory-dns/hickory-dns/commit/9c838eebf65fa5912addcc8f6693d814b7bc2d55) ci: allow dispatch of conformance CI job - [`afbdc8d`](https://github.com/hickory-dns/hickory-dns/commit/afbdc8d17492514201381acfc6c6dd004e8a7a9a) dns-test: generalize hickory dnssec feature ### 📊 Changes **7 files changed** (+56 additions, -46 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/conformance.yml` (+1 -0) 📝 `conformance/README.md` (+5 -5) 📝 `conformance/packages/dns-test/src/container.rs` (+17 -12) 📝 `conformance/packages/dns-test/src/docker/hickory.Dockerfile` (+5 -5) 📝 `conformance/packages/dns-test/src/implementation.rs` (+19 -15) 📝 `conformance/packages/dns-test/src/lib.rs` (+6 -6) 📝 `justfile` (+3 -3) </details> ### 📄 Description Allow specifying just the crypto provider (`aws-lc-rs` or `ring`) and use that as a suffix for required features instead of passing a more specific feature (`dnssec-aws-lc-rs`, `dnssec-ring`). Previously the `dns-test` crate offered the ability to customize the HickoryDNS docker image so the auth server binary was built with either the `dnssec-aws-lc-rs` Cargo feature, or the `dnssec-ring` Cargo feature. The `dns` util binary always used `aws-lc-rs` unconditionally. In the future we will want to enable other crate features that require a cryptography provider (e.g. `tls-aws-lc-rs` or `tls-ring` for DoT). It's also helpful for build-time to have the `hickory-util` crate use the same crypto provider as the auth server. By making the argument a crypto provider instead of a specific feature we can accomplish both. Also, allow triggering the CI run of the full conformance suite on-demand through the web UI. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>