Gate daemon host file endpoints

Guard host file endpoints behind the modify-hosts-file setting so the
daemon does not touch hosts entries when the feature is disabled. Adds
tests to cover the disabled and enabled paths.

Author: tricktron

cmd/crc/cmd/daemon.go

@@ -184,7 +184,7 @@ func run(configuration *types.Configuration) error {
 		return err
 	}
 	go func() {
-		mux := gatewayAPIMux()
+		mux := gatewayAPIMux(config, adminHelperHostsFileEditor{})
 		s := &http.Server{
 			Handler:      handlers.LoggingHandler(os.Stderr, mux),
 			ReadTimeout:  10 * time.Second,
@@ -331,18 +331,43 @@ func run(configuration *types.Configuration) error {
 	}
 }
 
+type HostsFileEditor interface {
+	Add(ip string, hostnames ...string) error
+	Remove(hostnames ...string) error
+}
+
+type adminHelperHostsFileEditor struct{}
+
+func (adminHelperHostsFileEditor) Add(ip string, hostnames ...string) error {
+	return adminhelper.AddToHostsFile(ip, hostnames...)
+}
+
+func (adminHelperHostsFileEditor) Remove(hostnames ...string) error {
+	return adminhelper.RemoveFromHostsFile(hostnames...)
+}
+
 // This API is only exposed in the virtual network (only the VM can reach this).
 // Any process inside the VM can reach it by connecting to gateway.crc.testing:80.
-func gatewayAPIMux() *http.ServeMux {
+func gatewayAPIMux(cfg *crcConfig.Config, hostsEditor HostsFileEditor) *http.ServeMux {
 	mux := http.NewServeMux()
 	mux.HandleFunc("/hosts/add", func(w http.ResponseWriter, r *http.Request) {
 		acceptJSONStringArray(w, r, func(hostnames []string) error {
-			return adminhelper.AddToHostsFile("127.0.0.1", hostnames...)
+			if !cfg.Get(crcConfig.ModifyHostsFile).AsBool() {
+				logging.Infof("Skipping hosts file modification because 'modify-hosts-file' is set to false")
+
+				return nil
+			}
+			return hostsEditor.Add("127.0.0.1", hostnames...)
 		})
 	})
 	mux.HandleFunc("/hosts/remove", func(w http.ResponseWriter, r *http.Request) {
 		acceptJSONStringArray(w, r, func(hostnames []string) error {
-			return adminhelper.RemoveFromHostsFile(hostnames...)
+			if !cfg.Get(crcConfig.ModifyHostsFile).AsBool() {
+				logging.Infof("Skipping hosts file modification because 'modify-hosts-file' is set to false")
+
+				return nil
+			}
+			return hostsEditor.Remove(hostnames...)
 		})
 	})
 	return mux

cmd/crc/cmd/daemon_test.go

@@ -5,6 +5,7 @@ import (
 	"errors"
 	"net"
 	"net/http"
+	"net/http/httptest"
 	"net/url"
 	"os"
 	"regexp"
@@ -154,3 +155,79 @@ func TestCreateNewVirtualNetworkConfig_WhenHostNetworkConfigSet_ThenSetNAT(t *te
 	// Then
 	assert.Equal(t, "127.0.0.1", virtualNetworkConfig.NAT["192.168.127.254"])
 }
+
+type fakeHostsFileEditor struct {
+	addCalled    bool
+	removeCalled bool
+	addIP        string
+	addHosts     []string
+	removeHosts  []string
+}
+
+func (fake *fakeHostsFileEditor) Add(ip string, hostnames ...string) error {
+	fake.addCalled = true
+	fake.addIP = ip
+	fake.addHosts = append([]string(nil), hostnames...)
+	return nil
+}
+
+func (fake *fakeHostsFileEditor) Remove(hostnames ...string) error {
+	fake.removeCalled = true
+	fake.removeHosts = append([]string(nil), hostnames...)
+	return nil
+}
+
+func TestGatewayAPIMux_HostsEndpointsRespectModifyHostsFile(t *testing.T) {
+	tests := []struct {
+		name             string
+		modifyHostsFile  bool
+		path             string
+		expectAddCalled  bool
+		expectRemoveCall bool
+	}{
+		{
+			name:            "add-enabled",
+			modifyHostsFile: true,
+			path:            "/hosts/add",
+			expectAddCalled: true,
+		},
+		{
+			name:            "add-disabled",
+			modifyHostsFile: false,
+			path:            "/hosts/add",
+		},
+		{
+			name:             "remove-enabled",
+			modifyHostsFile:  true,
+			path:             "/hosts/remove",
+			expectRemoveCall: true,
+		},
+		{
+			name:            "remove-disabled",
+			modifyHostsFile: false,
+			path:            "/hosts/remove",
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			// Given
+			cfg := crcConfig.New(crcConfig.NewEmptyInMemoryStorage(), crcConfig.NewEmptyInMemorySecretStorage())
+			crcConfig.RegisterSettings(cfg)
+			_, err := cfg.Set(crcConfig.ModifyHostsFile, test.modifyHostsFile)
+			assert.NoError(t, err)
+			hostsEditor := &fakeHostsFileEditor{}
+			mux := gatewayAPIMux(cfg, hostsEditor)
+			rec := httptest.NewRecorder()
+
+			// When
+			req := httptest.NewRequest(http.MethodPost, test.path, bytes.NewBufferString(`["api.crc.testing"]`))
+			mux.ServeHTTP(rec, req)
+
+			// Then
+			assert.Equal(t, http.StatusOK, rec.Code)
+			assert.Equal(t, test.expectAddCalled, hostsEditor.addCalled)
+			assert.Equal(t, test.expectRemoveCall, hostsEditor.removeCalled)
+		})
+	}
+}