RFC 76 update: accept both a map and an array of handlers at "modules" key, implement chaining #166
Description
Currently RFC 76 specifies a map of handlers attached to an input module. Since a map is unordered by nature, all of the handlers will execute against the input.
We need a way to instead specify a chain/pipeline of handlers, whereby handlers further down in the chain may not execute if handlers further up in the chain decided that the processing should stop (based on a filter). This means that instead of all the handlers connecting to the input stream, the handlers will connect to each other. The handlers have to have explicit support for this to work, and the policy will fail to apply if they are not compatible.
Explicit example: It should be possible to chain PCAP -> DNS -> Net, where Net is able to connect to the DNS module and only process L3/L4 network metrics if DNS re-exposes a signal which indicates that DNS processed and was not filtered. This will allow us to capture, for example, Network metrics only for certain QNAMES that we're specified in the DNS module.
This ticket is complete when:
- RFC 76 documents both map and array versions of
modulessection - PolicyManager can parse both map and array versions of
modulessection (with unit tests) - When a chain is present, PolicyManager instantiates the handlers and tries to connect them to each other in a chain instead of all of them to the input handler, failing gracefully if the modules will not connect properly (with unit tests)
- DNS module exposes a signal that Net can connect to, and calls it if not filtered
- Net module is able to connect to DNS module