diff --git a/src/pkg/api/airgap.go b/src/pkg/api/airgap.go index 4e69d058..f17bc8c6 100644 --- a/src/pkg/api/airgap.go +++ b/src/pkg/api/airgap.go @@ -22,6 +22,9 @@ import ( "github.com/go-chi/chi/v5" ) +// dnsQuery is a DNS entry to check for internet connectivity +var dnsQuery = "runtime-local.uds.dev" + // serveAirgap starts a server assuming airgap and uses self-signed certificates func serveAirgap(r *chi.Mux) error { err := generateCerts() @@ -44,24 +47,10 @@ func serveAirgap(r *chi.Mux) error { return nil } -// isAirgapped checks if we're in the airgap by checking Google and Cloudflare DNS servers -func isAirgapped(timeout time.Duration) bool { - googleDNS := "8.8.8.8:53" - cloudflareDNS := "1.1.1.1:53" - - // Check Google DNS - googleConn, googleErr := net.DialTimeout("udp", googleDNS, timeout) - if googleErr == nil { - defer googleConn.Close() - } - - // Check Cloudflare DNS - cloudflareConn, cloudflareErr := net.DialTimeout("udp", cloudflareDNS, timeout) - if cloudflareErr == nil { - defer cloudflareConn.Close() - } - - return !(googleErr == nil && cloudflareErr == nil) +// isAirgapped checks if we're in an airgapped environment by attempting DNS queries +func isAirgapped(server string) bool { + _, err := net.LookupHost(server) + return err != nil } // generateCerts creates self-signed certificates for running locally in the airgap diff --git a/src/pkg/api/airgap_test.go b/src/pkg/api/airgap_test.go new file mode 100644 index 00000000..a5759894 --- /dev/null +++ b/src/pkg/api/airgap_test.go @@ -0,0 +1,25 @@ +package api + +import ( + "testing" + + "github.com/stretchr/testify/require" +) + +func TestAirgap(t *testing.T) { + tests := []struct { + name string + server string + expected bool + }{ + {name: "in airgap", server: "runtime-local.uds.dev", expected: false}, + {name: "not in airgap", server: "probably.not.a.website", expected: true}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + actual := isAirgapped(tt.server) + require.Equal(t, tt.expected, actual) + }) + } +} diff --git a/src/pkg/api/start.go b/src/pkg/api/start.go index 6d32474f..d3f9c76e 100644 --- a/src/pkg/api/start.go +++ b/src/pkg/api/start.go @@ -188,7 +188,7 @@ func Setup(assets *embed.FS) (*chi.Mux, bool, error) { if config.LocalAuthEnabled { port := "8443" host := "runtime-local.uds.dev" - inAirgap = isAirgapped(time.Duration(5) * time.Second) + inAirgap = isAirgapped(dnsQuery) if inAirgap { host = "localhost" }