add test

defenseunicorns · Oct 25, 2024 · 8cc6504 · 8cc6504
1 parent 6d6f557
commit 8cc6504
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 19 deletions.
diff --git a/src/pkg/api/airgap.go b/src/pkg/api/airgap.go
@@ -22,6 +22,9 @@ import (
 	"github.com/go-chi/chi/v5"
 )
 
+// dnsQuery is a DNS entry to check for internet connectivity
+var dnsQuery = "runtime-local.uds.dev"
+
 // serveAirgap starts a server assuming airgap and uses self-signed certificates
 func serveAirgap(r *chi.Mux) error {
 	err := generateCerts()
@@ -44,24 +47,10 @@ func serveAirgap(r *chi.Mux) error {
 	return nil
 }
 
-// isAirgapped checks if we're in the airgap by checking Google and Cloudflare DNS servers
-func isAirgapped(timeout time.Duration) bool {
-	googleDNS := "8.8.8.8:53"
-	cloudflareDNS := "1.1.1.1:53"
-
-	// Check Google DNS
-	googleConn, googleErr := net.DialTimeout("udp", googleDNS, timeout)
-	if googleErr == nil {
-		defer googleConn.Close()
-	}
-
-	// Check Cloudflare DNS
-	cloudflareConn, cloudflareErr := net.DialTimeout("udp", cloudflareDNS, timeout)
-	if cloudflareErr == nil {
-		defer cloudflareConn.Close()
-	}
-
-	return !(googleErr == nil && cloudflareErr == nil)
+// isAirgapped checks if we're in an airgapped environment by attempting DNS queries
+func isAirgapped(server string) bool {
+	_, err := net.LookupHost(server)
+	return err != nil
 }
 
 // generateCerts creates self-signed certificates for running locally in the airgap

diff --git a/src/pkg/api/airgap_test.go b/src/pkg/api/airgap_test.go
@@ -0,0 +1,25 @@
+package api
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestAirgap(t *testing.T) {
+	tests := []struct {
+		name     string
+		server   string
+		expected bool
+	}{
+		{name: "in airgap", server: "runtime-local.uds.dev", expected: false},
+		{name: "not in airgap", server: "probably.not.a.website", expected: true},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			actual := isAirgapped(tt.server)
+			require.Equal(t, tt.expected, actual)
+		})
+	}
+}
diff --git a/src/pkg/api/start.go b/src/pkg/api/start.go
@@ -188,7 +188,7 @@ func Setup(assets *embed.FS) (*chi.Mux, bool, error) {
 	if config.LocalAuthEnabled {
 		port := "8443"
 		host := "runtime-local.uds.dev"
-		inAirgap = isAirgapped(time.Duration(5) * time.Second)
+		inAirgap = isAirgapped(dnsQuery)
 		if inAirgap {
 			host = "localhost"
 		}