fix: allow static hosts in /etc/hosts without hostname

smira · smira · commit 3ea08888a2e9 · 2026-03-06T19:17:34.000+04:00
Allow static hosts to be populated even if the hostname is not populated yet. This allows to use `ExtraHostConfig` before the hostname is established. Fixes #12792 While I'm at it, refactor the unit-tests to use modern ctest.DefaultSuite. Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com> (cherry picked from commit dab0d47)
diff --git a/go.mod b/go.mod
@@ -143,7 +143,7 @@ require (
 	github.com/siderolabs/go-circular v0.2.3
 	github.com/siderolabs/go-cmd v0.1.3
 	github.com/siderolabs/go-copy v0.1.0
-	github.com/siderolabs/go-debug v0.6.1
+	github.com/siderolabs/go-debug v0.6.2
 	github.com/siderolabs/go-kmsg v0.1.4
 	github.com/siderolabs/go-kubeconfig v0.1.1
 	github.com/siderolabs/go-kubernetes v0.2.28
diff --git a/go.sum b/go.sum
@@ -631,8 +631,8 @@ github.com/siderolabs/go-cmd v0.1.3 h1:JrgZwqhJQeoec3QRON0LK+fv+0y7d0DyY7zsfkO6c
 github.com/siderolabs/go-cmd v0.1.3/go.mod h1:bg7HY4mRNu4zKebAgUevSwuYNtcvPMJfuhLRkVKHZ0k=
 github.com/siderolabs/go-copy v0.1.0 h1:OIWCtSg+rhOtnIZTpT31Gfpn17rv5kwJqQHG+QUEgC8=
 github.com/siderolabs/go-copy v0.1.0/go.mod h1:4bF2rZOZAR/ags/U4AVSpjFE5RPGdEeSkOq6yR9YOkU=
-github.com/siderolabs/go-debug v0.6.1 h1:LAkM2ADz+naL3PA6Mv0SzyXYx7aCxYlKdO2dSiZmhRc=
-github.com/siderolabs/go-debug v0.6.1/go.mod h1:qKGKnrkHXdgj+gPaGujFs3L/hc87FXYTp1/l6kN/1s0=
+github.com/siderolabs/go-debug v0.6.2 h1:zWWMTcrYDVyiNTotSxEVg++hj9mb2ctuTNVnOeCWtO8=
+github.com/siderolabs/go-debug v0.6.2/go.mod h1:tcHnBjzOfEC/Stfc+cpP8J9Y6y5Pp89XNBN0n3dsWD4=
 github.com/siderolabs/go-kmsg v0.1.4 h1:RLAa90O9bWuhA3pXPAYAdrI+kzcqTshZASRA5yso/mo=
 github.com/siderolabs/go-kmsg v0.1.4/go.mod h1:BLkt2N2DHT0wsFMz32lMw6vNEZL90c8ZnBjpIUoBb/M=
 github.com/siderolabs/go-kubeconfig v0.1.1 h1:tZlgpelj/OqrcHVUwISPN0NRgObcflpH9WtE41mtQZ0=
diff --git a/internal/app/machined/pkg/controllers/network/address_merge_test.go b/internal/app/machined/pkg/controllers/network/address_merge_test.go
@@ -5,15 +5,11 @@
 package network_test
 
 import (
-	"context"
 	"net/netip"
 	"testing"
 	"time"
 
 	"github.com/cosi-project/runtime/pkg/resource"
-	"github.com/cosi-project/runtime/pkg/resource/rtestutils"
-	"github.com/cosi-project/runtime/pkg/state"
-	"github.com/siderolabs/gen/xslices"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
 
@@ -140,41 +136,3 @@ func TestAddressMergeSuite(t *testing.T) {
 		},
 	})
 }
-
-func assertResources[R rtestutils.ResourceWithRD](
-	ctx context.Context,
-	t *testing.T,
-	state state.State,
-	requiredIDs []string,
-	check func(R, *assert.Assertions),
-	opts ...rtestutils.Option,
-) {
-	ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
-	defer cancel()
-
-	rtestutils.AssertResources(
-		ctx,
-		t,
-		state,
-		xslices.Map(requiredIDs, func(id string) resource.ID { return id }),
-		check,
-		opts...,
-	)
-}
-
-func assertNoResource[R rtestutils.ResourceWithRD](
-	ctx context.Context,
-	t *testing.T,
-	state state.State,
-	id string,
-) {
-	ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
-	defer cancel()
-
-	rtestutils.AssertNoResource[R](
-		ctx,
-		t,
-		state,
-		id,
-	)
-}
diff --git a/internal/app/machined/pkg/controllers/network/etcfile.go b/internal/app/machined/pkg/controllers/network/etcfile.go
@@ -193,17 +193,15 @@ func (ctrl *EtcFileController) Run(ctx context.Context, r controller.Runtime, lo
 			}
 		}
 
-		if hostnameStatus != nil && nodeAddressStatus != nil {
-			if err = safe.WriterModify(ctx, r, files.NewEtcFileSpec(files.NamespaceName, "hosts"),
-				func(r *files.EtcFileSpec) error {
-					r.TypedSpec().Contents, err = ctrl.renderHosts(hostnameStatus.TypedSpec(), nodeAddressStatus.TypedSpec(), cfgProvider)
-					r.TypedSpec().Mode = 0o644
-					r.TypedSpec().SelinuxLabel = constants.EtcSelinuxLabel
-
-					return err
-				}); err != nil {
-				return fmt.Errorf("error modifying hosts: %w", err)
-			}
+		if err = safe.WriterModify(ctx, r, files.NewEtcFileSpec(files.NamespaceName, "hosts"),
+			func(r *files.EtcFileSpec) error {
+				r.TypedSpec().Contents, err = ctrl.renderHosts(hostnameStatus, nodeAddressStatus, cfgProvider)
+				r.TypedSpec().Mode = 0o644
+				r.TypedSpec().SelinuxLabel = constants.EtcSelinuxLabel
+
+				return err
+			}); err != nil {
+			return fmt.Errorf("error modifying hosts: %w", err)
 		}
 
 		r.ResetRestartBackoff()
@@ -240,7 +238,7 @@ func renderResolvConf(nameservers iter.Seq2[int, netip.Addr], searchDomains []st
 	return buf.Bytes()
 }
 
-func (ctrl *EtcFileController) renderHosts(hostnameStatus *network.HostnameStatusSpec, nodeAddressStatus *network.NodeAddressSpec, cfgProvider talosconfig.Config) ([]byte, error) {
+func (ctrl *EtcFileController) renderHosts(hostnameStatus *network.HostnameStatus, nodeAddressStatus *network.NodeAddress, cfgProvider talosconfig.Config) ([]byte, error) {
 	var buf bytes.Buffer
 
 	tabW := tabwriter.NewWriter(&buf, 0, 0, 1, ' ', 0)
@@ -249,13 +247,15 @@ func (ctrl *EtcFileController) renderHosts(hostnameStatus *network.HostnameStatu
 
 	write("127.0.0.1\tlocalhost\n")
 
-	write(fmt.Sprintf("%s\t%s", nodeAddressStatus.Addresses[0].Addr(), hostnameStatus.FQDN()))
+	if nodeAddressStatus != nil && hostnameStatus != nil {
+		write(fmt.Sprintf("%s\t%s", nodeAddressStatus.TypedSpec().Addresses[0].Addr(), hostnameStatus.TypedSpec().FQDN()))
 
-	if hostnameStatus.Hostname != hostnameStatus.FQDN() {
-		write(" " + hostnameStatus.Hostname)
-	}
+		if hostnameStatus.TypedSpec().Hostname != hostnameStatus.TypedSpec().FQDN() {
+			write(" " + hostnameStatus.TypedSpec().Hostname)
+		}
 
-	write("\n")
+		write("\n")
+	}
 
 	write("::1\tlocalhost ip6-localhost ip6-loopback\n")
 	write("ff02::1\tip6-allnodes\n")
diff --git a/internal/app/machined/pkg/controllers/network/etcfile_test.go b/internal/app/machined/pkg/controllers/network/etcfile_test.go
@@ -11,21 +11,16 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
-	"sync"
 	"testing"
 	"time"
 
-	"github.com/cosi-project/runtime/pkg/controller/runtime"
 	"github.com/cosi-project/runtime/pkg/resource"
-	"github.com/cosi-project/runtime/pkg/state"
-	"github.com/cosi-project/runtime/pkg/state/impl/inmem"
-	"github.com/cosi-project/runtime/pkg/state/impl/namespaced"
 	"github.com/siderolabs/go-pointer"
 	"github.com/siderolabs/go-retry/retry"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
-	"go.uber.org/zap/zaptest"
 
+	"github.com/siderolabs/talos/internal/app/machined/pkg/controllers/ctest"
 	netctrl "github.com/siderolabs/talos/internal/app/machined/pkg/controllers/network"
 	v1alpha1runtime "github.com/siderolabs/talos/internal/app/machined/pkg/runtime"
 	"github.com/siderolabs/talos/internal/pkg/mount/v3"
@@ -39,15 +34,7 @@ import (
 )
 
 type EtcFileConfigSuite struct {
-	suite.Suite
-
-	state state.State
-
-	runtime *runtime.Runtime
-	wg      sync.WaitGroup
-
-	ctx       context.Context //nolint:containedctx
-	ctxCancel context.CancelFunc
+	ctest.DefaultSuite
 
 	cfg            *config.MachineConfig
 	defaultAddress *network.NodeAddress
@@ -60,18 +47,7 @@ type EtcFileConfigSuite struct {
 	etcRoot           xfs.Root
 }
 
-func (suite *EtcFileConfigSuite) SetupTest() {
-	suite.ctx, suite.ctxCancel = context.WithTimeout(context.Background(), 3*time.Minute)
-
-	suite.state = state.WrapCore(namespaced.NewState(inmem.Build))
-
-	var err error
-
-	suite.runtime, err = runtime.NewRuntime(suite.state, zaptest.NewLogger(suite.T()))
-	suite.Require().NoError(err)
-
-	suite.startRuntime()
-
+func (suite *EtcFileConfigSuite) ExtraSetup() {
 	ok, err := v1alpha1runtime.KernelCapabilities().OpentreeOnAnonymousFS()
 	suite.Require().NoError(err)
 
@@ -87,7 +63,7 @@ func (suite *EtcFileConfigSuite) SetupTest() {
 	suite.Require().NoError(suite.etcRoot.OpenFS())
 	suite.Assert().NoFileExists(suite.podResolvConfPath)
 
-	suite.Require().NoError(suite.runtime.RegisterController(&netctrl.EtcFileController{
+	suite.Require().NoError(suite.Runtime().RegisterController(&netctrl.EtcFileController{
 		V1Alpha1Mode:    v1alpha1runtime.ModeMetal,
 		EtcRoot:         suite.etcRoot,
 		BindMountTarget: suite.bindMountTarget,
@@ -149,12 +125,6 @@ func (suite *EtcFileConfigSuite) SetupTest() {
 	suite.hostDNSConfig.TypedSpec().ServiceHostDNSAddress = netip.MustParseAddr("169.254.116.108")
 }
 
-func (suite *EtcFileConfigSuite) startRuntime() {
-	suite.wg.Go(func() {
-		suite.Assert().NoError(suite.runtime.Run(suite.ctx))
-	})
-}
-
 type etcFileContents struct {
 	hosts            string
 	resolvConf       string
@@ -164,7 +134,7 @@ type etcFileContents struct {
 //nolint:gocyclo
 func (suite *EtcFileConfigSuite) testFiles(resources []resource.Resource, contents etcFileContents) {
 	for _, r := range resources {
-		suite.Require().NoError(suite.state.Create(suite.ctx, r))
+		suite.Create(r)
 	}
 
 	var (
@@ -184,10 +154,8 @@ func (suite *EtcFileConfigSuite) testFiles(resources []resource.Resource, conten
 		unexpectedIDs = append(unexpectedIDs, "hosts")
 	}
 
-	assertResources(
-		suite.ctx,
-		suite.T(),
-		suite.state,
+	ctest.AssertResources(
+		suite,
 		expectedIDs,
 		func(r *files.EtcFileSpec, asrt *assert.Assertions) {
 			switch r.Metadata().ID() {
@@ -198,6 +166,7 @@ func (suite *EtcFileConfigSuite) testFiles(resources []resource.Resource, conten
 			}
 		},
 	)
+
 	suite.Assert().NoError(
 		retry.Constant(10*time.Second, retry.WithUnits(100*time.Millisecond)).Retry(func() error {
 			if contents.resolvGlobalConf == "" {
@@ -231,7 +200,7 @@ func (suite *EtcFileConfigSuite) testFiles(resources []resource.Resource, conten
 	)
 
 	for _, id := range unexpectedIDs {
-		assertNoResource[*files.EtcFileSpec](suite.ctx, suite.T(), suite.state, id)
+		ctest.AssertNoResource[*files.EtcFileSpec](suite, id)
 	}
 }
 
@@ -248,6 +217,19 @@ func (suite *EtcFileConfigSuite) TestComplete() {
 	)
 }
 
+func (suite *EtcFileConfigSuite) TestExtraHostsNoHostname() {
+	suite.resolverStatus.TypedSpec().SearchDomains = []string{"foo.example.com"}
+
+	suite.testFiles(
+		[]resource.Resource{suite.cfg, suite.resolverStatus, suite.hostDNSConfig},
+		etcFileContents{
+			hosts:            "127.0.0.1 localhost\n::1       localhost ip6-localhost ip6-loopback\nff02::1   ip6-allnodes\nff02::2   ip6-allrouters\n10.0.0.1  a b\n10.0.0.2  c d\n",
+			resolvConf:       "nameserver 127.0.0.53\n\nsearch foo.example.com\n",
+			resolvGlobalConf: "nameserver 169.254.116.108\n\nsearch foo.example.com\n",
+		},
+	)
+}
+
 func (suite *EtcFileConfigSuite) TestNoExtraHosts() {
 	suite.resolverStatus.TypedSpec().SearchDomains = []string{"foo.example.com"}
 
@@ -301,7 +283,7 @@ func (suite *EtcFileConfigSuite) TestOnlyResolvers() {
 	suite.testFiles(
 		[]resource.Resource{suite.resolverStatus, suite.hostDNSConfig},
 		etcFileContents{
-			hosts:            "",
+			hosts:            "127.0.0.1 localhost\n::1       localhost ip6-localhost ip6-loopback\nff02::1   ip6-allnodes\nff02::2   ip6-allrouters\n",
 			resolvConf:       "nameserver 127.0.0.53\n",
 			resolvGlobalConf: "nameserver 169.254.116.108\n",
 		},
@@ -319,11 +301,7 @@ func (suite *EtcFileConfigSuite) TestOnlyHostname() {
 	)
 }
 
-func (suite *EtcFileConfigSuite) TearDownTest() {
-	suite.T().Log("tear down")
-
-	suite.ctxCancel()
-
+func (suite *EtcFileConfigSuite) ExtraTearDown() {
 	if _, err := os.Lstat(suite.podResolvConfPath); err == nil {
 		if suite.etcRoot.FSType() == "os" {
 			suite.Require().NoError(os.Remove(suite.podResolvConfPath))
@@ -332,8 +310,6 @@ func (suite *EtcFileConfigSuite) TearDownTest() {
 		}
 	}
 
-	suite.wg.Wait()
-
 	if suite.etcRoot != nil {
 		suite.Require().NoError(os.RemoveAll(suite.bindMountTarget))
 
@@ -342,9 +318,25 @@ func (suite *EtcFileConfigSuite) TearDownTest() {
 }
 
 func TestEtcFileConfigSuite(t *testing.T) {
+	t.Parallel()
+
 	if os.Geteuid() != 0 {
 		t.Skip("skipping test that requires root privileges")
 	}
 
-	suite.Run(t, new(EtcFileConfigSuite))
+	s := &EtcFileConfigSuite{
+		DefaultSuite: ctest.DefaultSuite{
+			Timeout: 10 * time.Second,
+		},
+	}
+
+	s.AfterSetup = func(*ctest.DefaultSuite) {
+		s.ExtraSetup()
+	}
+
+	s.AfterTearDown = func(*ctest.DefaultSuite) {
+		s.ExtraTearDown()
+	}
+
+	suite.Run(t, s)
 }
diff --git a/internal/app/machined/pkg/controllers/network/hardware_addr_test.go b/internal/app/machined/pkg/controllers/network/hardware_addr_test.go
