coulomb/sand-boxer
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1f87be4c6bf205587e61e6134403e76bc04e9587
sand-boxer/tests/test_reachability.py
tegwick 1f87be4c6b feat: reachability and consumer profiles (SAND-WP-0011) 
Add reachability enrichment (tunnel metadata, ops-bridge pointer),
secret_refs boundary resolution, profile.agent-dev and profile.build,
CLI reachability show, API endpoint, consumer smoke scripts, and tests.
2026-06-24 12:54:27 +02:00

78 lines
2.1 KiB
Python
Raw Blame History

"""Reachability enrichment tests."""
from __future__ import annotations
from datetime import UTC, datetime
from sandboxer.models import (
ActorType,
Consumer,
Profile,
Reachability,
ReachabilitySpec,
SandboxState,
SandboxStatus,
)
from sandboxer.reachability.enrich import (
build_reachability_report,
enrich_reachability,
ssh_one_liner,
)
def _profile() -> Profile:
return Profile.model_validate(
{
"id": "profile.agent-dev",
"version": "1.0.0",
"extension": "ext.compose-ssh",
"reachability": ReachabilitySpec(
tunnel="ops-bridge", identity="ops-warden"
).model_dump(),
}
)
def test_enrich_adds_tunnel_and_identity(monkeypatch) -> None:
monkeypatch.setenv("SANDBOXER_TUNNEL_PORT", "12222")
reach = enrich_reachability(
{"ssh": "build@localhost", "remote_dir": "/build/sbx-1", "host": "localhost"},
_profile(),
{"ssh_port": "12222"},
)
assert reach["identity"] == "ops-warden"
assert reach["tunnel"] == "localhost:12222"
assert reach["tunnel_via"] == "ops-bridge"
def test_ssh_one_liner() -> None:
reach = Reachability(ssh="user@host", remote_dir="/tmp/ws")
line = ssh_one_liner(reach)
assert line is not None
assert "user@host" in line
assert "/tmp/ws" in line
def test_build_reachability_report() -> None:
now = datetime.now(UTC)
status = SandboxStatus(
sandbox_id="abc12345",
profile_id="profile.agent-dev",
extension_id="ext.compose-ssh",
state=SandboxState.READY,
consumer=Consumer(actor=ActorType.AGT, project="glas-harness"),
host="coulombcore",
reachability=Reachability(
ssh="root@coulombcore",
remote_dir="/tmp/sandboxer/abc12345",
tunnel="localhost:22",
tunnel_via="ops-bridge",
identity="ops-warden",
),
created_at=now,
updated_at=now,
)
report = build_reachability_report(status)
assert report["sandbox_id"] == "abc12345"
assert report["ssh_one_liner"] is not None
assert "ops_bridge" in report
Reference in New Issue View Git Blame Copy Permalink