Add Config to Disable Hosts File Modification

[tricktron]

Description

This change introduces a new configuration setting modify-hosts-file that allows users to disable CRC's automatic modification of the /etc/hosts file. The setting defaults to true to maintain backward compatibility with existing installations.

When set to false, CRC will skip adding OpenShift hostnames to the system's hosts file during cluster startup. This is particularly useful for systems like NixOS where the hosts file is managed declaratively and cannot be modified by applications, or for users who prefer to manage DNS resolution through other means.

The implementation adds the configuration option to all platform-specific DNS modules (Linux, macOS, Windows) and includes the setting in the service configuration passed to DNS setup routines.

Type of change

• Bug fix (non-breaking change which fixes an issue)
• Feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change
• Chore (non-breaking change which doesn't affect codebase;
  test, version modification, documentation, etc.)

Proposed changes

Testing

I tested this e2e on my NixOS machine by manually setting the needed host file entries: api.crc.testing, canary-openshift-ingress-canary.apps-crc.testing, ... and with the new config modify-hosts-file = false.

Contribution Checklist

• I Keep It Small and Simple: The smaller the PR is, the easier it is to review and have it merged
• I have performed a self-review of my code
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Which platform have you tested the code changes on?
  • Linux
  • Windows
  • MacOS

Summary by CodeRabbit

• New Features

  • Added a user-configurable setting to control whether CRC updates the system hosts file during start (default: enabled). When disabled, CRC skips modifying hosts on Linux, macOS, and Windows and logs the skip.

• Documentation / Messaging

  • Improved post-start guidance and error messaging to advise verifying DNS/hosts resolution when hosts modification is disabled.

• Tests

  • Test coverage extended to include the new setting's default and provided values.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[openshift-ci]

Hi @tricktron. Thanks for your PR.

I'm waiting for a crc-org member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[praveenkumar]

/ok-to-test

[tricktron]

/retest-required

[tricktron]

@praveenkumar Thanks for running the tests. I see many timeout failures unrelated to my change. Is this normal and can I rerun the tests or do only maintainers have the right to rerun tests?

[praveenkumar]

/retest

[coderabbitai]

Walkthrough

Adds a new public config key ModifyHostsFile (default true), exposes it via client.modifyHostsFile() into ServicePostStartConfig, conditions DNS post-start hosts-file updates on that flag across Darwin/Linux/Windows, updates file-permission literals to Go 0o-style, and extends tests for the new setting.

Changes

Cohort / File(s)	Summary
Config setting introduction pkg/crc/config/settings.go, pkg/crc/config/settings_test.go	Adds public constant ModifyHostsFile ("modify-hosts-file"), registers it with default true, boolean validation and help text; updates tests to include default=true and provided=false cases.
Machine integration pkg/crc/machine/client.go, pkg/crc/machine/start.go	Adds client.modifyHostsFile() to read the config and sets ModifyHostsFile on ServicePostStartConfig; tweaks DNS error text to reference the flag; converts several file-permission literals to 0o-prefixed octal syntax.
Services API update pkg/crc/services/services.go	Adds ModifyHostsFile bool field to ServicePostStartConfig.
DNS post-start conditional hosts update pkg/crc/services/dns/dns_darwin.go, pkg/crc/services/dns/dns_linux.go, pkg/crc/services/dns/dns_windows.go	runPostStartForOS now calls addOpenShiftHosts only when serviceConfig.ModifyHostsFile is true; otherwise logs a skipping message and returns nil. Added/imported logging where required.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor User
  participant Client as Machine Client
  participant Config as Config Store
  participant Start as Start Flow
  participant DNS as DNS Service
  participant OS as OS-specific Handler

  User->>Client: crc start
  Client->>Config: get("modify-hosts-file")
  Config-->>Client: bool
  Client->>Start: build ServicePostStartConfig(ModifyHostsFile=bool,...)
  Start->>DNS: runPostStart(config)
  DNS->>OS: runPostStartForOS(config)
  alt ModifyHostsFile == true
    OS->>OS: addOpenShiftHosts()
    OS-->>DNS: success/error
  else ModifyHostsFile == false
    OS-->>DNS: log "Skipping hosts file modification"
  end
  DNS-->>Start: return
  Start-->>Client: start complete

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Focus areas:
  • pkg/crc/config/settings.go registration and test updates
  • client.modifyHostsFile() and propagation into ServicePostStartConfig
  • OS-specific conditional branches in DNS files and logging
  • Permission literal conversions in pkg/crc/machine/start.go

Poem

I twitched my whiskers, flipped a tiny switch,
Now hosts stay quiet when the flag says “ditch.”
I hopped through config, then hopped through tests,
Permissions tidy, and DNS rests.
A carrot cheer for toggles done—hop on, everyone! 🥕🐇

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Add Config to Disable Hosts File Modification' clearly and concisely describes the main change—introducing a new configuration option to control hosts file modification behavior.
Description check	✅ Passed	The description comprehensively covers the change purpose, use cases, implementation scope, testing performed, and completed checklist items aligned with the template requirements.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b810d46 and 34341be.

📒 Files selected for processing (8)

• pkg/crc/config/settings.go (2 hunks)
• pkg/crc/config/settings_test.go (2 hunks)
• pkg/crc/machine/client.go (1 hunks)
• pkg/crc/machine/start.go (7 hunks)
• pkg/crc/services/dns/dns_darwin.go (1 hunks)
• pkg/crc/services/dns/dns_linux.go (1 hunks)
• pkg/crc/services/dns/dns_windows.go (2 hunks)
• pkg/crc/services/services.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (5)

• pkg/crc/machine/client.go
• pkg/crc/services/dns/dns_darwin.go
• pkg/crc/services/dns/dns_linux.go
• pkg/crc/machine/start.go
• pkg/crc/services/dns/dns_windows.go

🧰 Additional context used

🧬 Code graph analysis (2)

pkg/crc/services/services.go (3)

pkg/crc/oc/oc.go (1)

• SSHRunner (74-76)

pkg/crc/machine/bundle/metadata.go (1)

• CrcBundleInfo (27-38)

pkg/crc/config/settings.go (2)

• NetworkMode (23-23)
• ModifyHostsFile (31-31)

pkg/crc/config/settings_test.go (1)

pkg/crc/config/settings.go (1)

• ModifyHostsFile (31-31)

🔇 Additional comments (5)

pkg/crc/config/settings.go (2)

31-31: LGTM!

The constant definition follows the established naming convention and is appropriately placed with related cluster configuration settings.

---

133-135: LGTM!

The setting registration is well-implemented with:

• Default value of true for backward compatibility
• Appropriate validation and applied status
• Clear help text documenting the purpose and default

pkg/crc/services/services.go (1)

10-15: LGTM!

The new ModifyHostsFile field is correctly added to the ServicePostStartConfig struct. The field follows Go naming conventions and is appropriately placed at the end of the struct for clean evolution.

pkg/crc/config/settings_test.go (2)

254-256: LGTM!

The default value test case correctly validates that ModifyHostsFile defaults to true, matching the registration in settings.go.

---

337-339: LGTM!

The provided value test case correctly validates that ModifyHostsFile can be set to false, ensuring users can disable hosts file modification as intended.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

pkg/crc/config/settings.go (1)

133-135: Help text: make OS-agnostic to avoid misleading Windows users.

Current text mentions “/etc/hosts”, which is Unix-specific. Prefer “system hosts file”.

Apply this diff:

-	cfg.AddSetting(ModifyHostsFile, true, ValidateBool, SuccessfullyApplied,
-		"Allow CRC to modify the /etc/hosts file (true/false, default: true)")
+	cfg.AddSetting(ModifyHostsFile, true, ValidateBool, SuccessfullyApplied,
+		"Allow CRC to modify the system hosts file (true/false, default: true)")

pkg/crc/services/dns/dns_darwin.go (1)

36-39: Optional: log when skipping hosts modification for visibility.

A brief info log helps users correlate behavior with config.

Apply this diff:

-	if serviceConfig.ModifyHostsFile {
-		if err := addOpenShiftHosts(serviceConfig); err != nil {
-			return err
-		}
-	}
+	if serviceConfig.ModifyHostsFile {
+		if err := addOpenShiftHosts(serviceConfig); err != nil {
+			return err
+		}
+	} else {
+		logging.Infof("Skipping hosts file modification on macOS (modify-hosts-file=false)")
+	}

pkg/crc/machine/start.go (1)

506-513: Improve error message when DNS-from-host check fails with modify-hosts-file=false.

Make the failure actionable by hinting at manual DNS/hosts setup when the flag is disabled.

You can adjust the message like this (snippet for context):

if err := dns.CheckCRCLocalDNSReachableFromHost(servicePostStartConfig); err != nil {
    if !client.useVSock() {
        msg := "Failed to query DNS from host"
        if !servicePostStartConfig.ModifyHostsFile {
            msg += " (modify-hosts-file=false). Ensure your system DNS/hosts entries resolve the CRC domains."
        }
        return nil, errors.Wrap(err, msg)
    }
    logging.Warn(fmt.Sprintf("Failed to query DNS from host: %v", err))
}

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4b73b8b and 33f1a93.

📒 Files selected for processing (8)

• pkg/crc/config/settings.go (2 hunks)
• pkg/crc/config/settings_test.go (2 hunks)
• pkg/crc/machine/client.go (1 hunks)
• pkg/crc/machine/start.go (1 hunks)
• pkg/crc/services/dns/dns_darwin.go (1 hunks)
• pkg/crc/services/dns/dns_linux.go (1 hunks)
• pkg/crc/services/dns/dns_windows.go (1 hunks)
• pkg/crc/services/services.go (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (8)

pkg/crc/services/services.go (4)

pkg/crc/ssh/ssh.go (1)

• Runner (16-18)

pkg/crc/machine/bundle/metadata.go (1)

• CrcBundleInfo (27-38)

pkg/crc/config/settings.go (2)

• NetworkMode (23-23)
• ModifyHostsFile (31-31)

pkg/crc/network/types.go (1)

• Mode (39-39)

pkg/crc/services/dns/dns_darwin.go (1)

pkg/crc/config/settings.go (1)

• ModifyHostsFile (31-31)

pkg/crc/services/dns/dns_windows.go (1)

pkg/crc/config/settings.go (1)

• ModifyHostsFile (31-31)

pkg/crc/config/settings_test.go (1)

pkg/crc/config/settings.go (1)

• ModifyHostsFile (31-31)

pkg/crc/services/dns/dns_linux.go (1)

pkg/crc/config/settings.go (1)

• ModifyHostsFile (31-31)

pkg/crc/machine/client.go (1)

pkg/crc/config/settings.go (1)

• ModifyHostsFile (31-31)

pkg/crc/config/settings.go (2)

pkg/crc/config/validations.go (1)

• ValidateBool (19-25)

pkg/crc/config/callbacks.go (1)

• SuccessfullyApplied (36-38)

pkg/crc/machine/start.go (2)

pkg/crc/config/settings.go (2)

• NetworkMode (23-23)
• ModifyHostsFile (31-31)

pkg/crc/preflight/labels.go (1)

• NetworkMode (13-13)

🔇 Additional comments (8)

pkg/crc/config/settings.go (1)

31-31: LGTM: new setting key introduced cleanly.

pkg/crc/services/dns/dns_linux.go (1)

10-14: LGTM: gating host file changes behind the new flag.

pkg/crc/machine/client.go (1)

67-69: LGTM: simple accessor for the new setting.

pkg/crc/services/dns/dns_windows.go (1)

15-19: LGTM: respects modify-hosts-file on Windows.

pkg/crc/config/settings_test.go (2)

254-256: LGTM: default value covered in matrix.

---

337-339: LGTM: provided (false) value covered in matrix.

pkg/crc/machine/start.go (1)

484-487: LGTM: value threaded into ServicePostStartConfig.

pkg/crc/services/services.go (1)

10-15: LGTM: config plumbed via ServicePostStartConfig — no unkeyed struct literals found. Call sites in pkg/crc/machine/start.go and pkg/crc/services/dns/dns_test.go use keyed initializers.

[gbraad]

Suggest minor changes to ensure this is recorded as part of log

[gbraad]

- }
+ } else {
+ 	logging.Infof("Skipping hosts file modification")
+ }

[gbraad]

... this of course applies to all the platforms (also dns_linux.go and dns_windows.go).

[tricktron]

@gbraad Thank you for your time and the review. I applied your suggestions and also the other two nitpicks by coderabbitai.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from gbraad. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[tricktron]

@gbraad Kind ping to have another look 😃.

[tricktron]

@gbraad Another friendly ping to have look 😃.

[praveenkumar]

Changes regarding file permission change should be in separate commit.

[tricktron]

Changes regarding file permission change should be in separate commit.

@praveenkumar I created a separate commit for it 👍.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

pkg/crc/services/dns/dns_linux.go (1)

3-17: Config‑driven skip behavior is correct; consider clarifying log message

The conditional around addOpenShiftHosts correctly implements the ModifyHostsFile toggle and preserves previous behavior when the flag is true. When false, returning nil after logging is appropriate.

For debuggability, you might make the log slightly more explicit that the skip is configuration‑driven, e.g.:

-   if serviceConfig.ModifyHostsFile {
-       return addOpenShiftHosts(serviceConfig)
-   } else {
-       logging.Infof("Skipping hosts file modification")
-   }
+   if serviceConfig.ModifyHostsFile {
+       return addOpenShiftHosts(serviceConfig)
+   }
+
+   logging.Infof("Skipping hosts file modification because 'modify-hosts-file' is set to false")

pkg/crc/services/dns/dns_windows.go (1)

3-23: Windows hosts‑file toggle logic is correct; mirror clearer log message

The guard on NetworkMode remains intact, and the new ModifyHostsFile check correctly makes hosts‑file updates optional while keeping prior behavior when true. Returning nil on the skip path is reasonable.

As with the Linux implementation, you could clarify the log to indicate that the skip is due to configuration, e.g.:

-   if serviceConfig.ModifyHostsFile {
-       return addOpenShiftHosts(serviceConfig)
-   } else {
-       logging.Infof("Skipping hosts file modification")
-   }
+   if serviceConfig.ModifyHostsFile {
+       return addOpenShiftHosts(serviceConfig)
+   }
+
+   logging.Infof("Skipping hosts file modification because 'modify-hosts-file' is set to false")

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6b59ec8 and b810d46.

📒 Files selected for processing (8)

• pkg/crc/config/settings.go (2 hunks)
• pkg/crc/config/settings_test.go (2 hunks)
• pkg/crc/machine/client.go (1 hunks)
• pkg/crc/machine/start.go (7 hunks)
• pkg/crc/services/dns/dns_darwin.go (1 hunks)
• pkg/crc/services/dns/dns_linux.go (1 hunks)
• pkg/crc/services/dns/dns_windows.go (2 hunks)
• pkg/crc/services/services.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (5)

• pkg/crc/services/dns/dns_darwin.go
• pkg/crc/config/settings.go
• pkg/crc/config/settings_test.go
• pkg/crc/machine/start.go
• pkg/crc/machine/client.go

🧰 Additional context used

🧬 Code graph analysis (3)

pkg/crc/services/dns/dns_linux.go (2)

pkg/crc/services/services.go (1)

• ServicePostStartConfig (9-16)

pkg/crc/config/settings.go (1)

• ModifyHostsFile (31-31)

pkg/crc/services/services.go (5)

pkg/crc/oc/oc.go (1)

• SSHRunner (74-76)

pkg/crc/ssh/ssh.go (1)

• Runner (16-18)

pkg/crc/machine/bundle/metadata.go (1)

• CrcBundleInfo (27-38)

pkg/crc/config/settings.go (2)

• NetworkMode (23-23)
• ModifyHostsFile (31-31)

pkg/crc/network/types.go (1)

• Mode (39-39)

pkg/crc/services/dns/dns_windows.go (1)

pkg/crc/config/settings.go (1)

• ModifyHostsFile (31-31)

🔇 Additional comments (1)

pkg/crc/services/services.go (1)

9-15: ServicePostStartConfig extension with ModifyHostsFile looks consistent

Adding ModifyHostsFile bool is an additive, zero-value-safe change and fits the existing config aggregation pattern. No issues from an API or correctness perspective as long as callers initialize it via the new setting as done elsewhere in the PR.

[openshift-ci]

@tricktron: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/security	34341be	link	false	/test security
ci/prow/e2e-crc	34341be	link	true	/test e2e-crc

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.