feat(rpki): provider scaffold — base, factory, paths, ripestat skeleton
New decnet/rpki/ module mirrors decnet/asn/ shape. Validator ABC, lazy singleton factory (DECNET_RPKI_PROVIDER=ripestat default), paths.py with DECNET_RPKI_ROOT override. RipeStatValidator stub returns 'unknown' unconditionally — HTTP wired in next commit. enrich_rpki(ip, asn) -> (status, source) | (None, None); short-circuits on DECNET_RPKI_ENABLED=false or asn=None.
This commit is contained in:
0
decnet/rpki/ripestat/__init__.py
Normal file
0
decnet/rpki/ripestat/__init__.py
Normal file
20
decnet/rpki/ripestat/validator.py
Normal file
20
decnet/rpki/ripestat/validator.py
Normal file
@@ -0,0 +1,20 @@
|
||||
"""RIPE STAT RPKI validator.
|
||||
|
||||
Resolves the most-specific announced prefix covering ``ip`` via the
|
||||
RIPE STAT ``network-info`` endpoint, then validates ``(asn, prefix)``
|
||||
via ``rpki-validation``. Results are cached in a SQLite database under
|
||||
:data:`~decnet.rpki.paths.RPKI_ROOT` to avoid per-event network calls.
|
||||
|
||||
HTTP is wired in the next commit; this skeleton returns ``unknown``
|
||||
unconditionally so the rest of the pipeline compiles and tests pass.
|
||||
"""
|
||||
from __future__ import annotations
|
||||
|
||||
from decnet.rpki.base import RpkiResult, Validator
|
||||
|
||||
|
||||
class RipeStatValidator(Validator):
|
||||
name = "ripestat"
|
||||
|
||||
def validate(self, ip: str, asn: int) -> RpkiResult:
|
||||
return RpkiResult(status="unknown")
|
||||
Reference in New Issue
Block a user