boxlite-ai
diff --git a/‎scripts/test/e2e/cases/conftest.py‎
Lines changed: 134 additions & 1 deletion b/‎scripts/test/e2e/cases/conftest.py‎
Lines changed: 134 additions & 1 deletion
diff --git a/‎scripts/test/e2e/cases/test_c_entry.py‎
Lines changed: 24 additions & 13 deletions b/‎scripts/test/e2e/cases/test_c_entry.py‎
Lines changed: 24 additions & 13 deletions
diff --git a/‎scripts/test/e2e/cases/test_cli_detach_recovery.py‎
Lines changed: 20 additions & 10 deletions b/‎scripts/test/e2e/cases/test_cli_detach_recovery.py‎
Lines changed: 20 additions & 10 deletions
@@ -12,10 +12,14 @@
 from __future__ import annotations
 
 import asyncio
+import json
 import os
+import re
 import sys
 import time
 import tomllib
+import urllib.error
+import urllib.request
 from pathlib import Path
 
 import pytest
@@ -27,10 +31,125 @@
 from path_verification import runner_journal_seek, runner_hits_for_box
 
 DEFAULT_PROFILE = os.environ.get("BOXLITE_E2E_PROFILE", "p1")
-DEFAULT_IMAGE = os.environ.get("BOXLITE_E2E_IMAGE", "alpine:3.23")
 CRED_PATH = Path.home() / ".boxlite" / "credentials.toml"
 
 
+def _discover_supported_image() -> str:
+    """Resolve the box image at session start.
+
+    Precedence:
+      1. `BOXLITE_E2E_IMAGE` env — explicit override (CI sets this, local
+         devs can pin a known-good ref). Returned as-is, no validation.
+      2. Probe — POST /boxes with an obviously-out-of-allowlist image
+         against the active credential profile's API, parse the 400
+         body's `"Supported images: a, b, c"` list, return the first.
+         The first entry is the server's default (curated-images.constant
+         `assertSupportedImage(undefined)` returns `supported[0]`),
+         which is the safest pick across reboots / image-allowlist
+         rotations.
+      3. Fallback `alpine:3.23` — if probe fails (network down, auth
+         broken, body shape changed). Tests downstream will still 400
+         loudly so the regression is visible.
+
+    The discovered value is also written back to `os.environ
+    ['BOXLITE_E2E_IMAGE']` so the C / Go / Node SDK entry drivers'
+    subprocess env inherits it without each test re-implementing the
+    probe.
+    """
+    explicit = os.environ.get("BOXLITE_E2E_IMAGE", "").strip()
+    if explicit:
+        return explicit
+    if not CRED_PATH.exists():
+        return "alpine:3.23"
+    try:
+        data = tomllib.loads(CRED_PATH.read_text())
+        p = data.get("profiles", {}).get(DEFAULT_PROFILE)
+        if not p:
+            return "alpine:3.23"
+        url = f"{p['url'].rstrip('/')}/v1/{p.get('path_prefix') or ''}/boxes".replace("//boxes", "/boxes")
+        req = urllib.request.Request(
+            url,
+            method="POST",
+            headers={
+                "Authorization": f"Bearer {p['api_key']}",
+                "Content-Type": "application/json",
+            },
+            # Send a deliberately-unsupported image so the API answers
+            # with its full supportedImages list. cpus/memory are
+            # required by the DTO but never reached — image validation
+            # rejects first.
+            data=json.dumps({
+                "image": "__e2e_probe_not_in_allowlist__",
+                "cpus": 1,
+                "memory_mib": 256,
+            }).encode(),
+        )
+        try:
+            urllib.request.urlopen(req, timeout=10).read()
+        except urllib.error.HTTPError as e:
+            if e.code == 400:
+                body = json.loads(e.read())
+                # Message shape:
+                #   "Unsupported image 'X'. Supported images: a, b, c"
+                m = re.search(
+                    r"Supported images:\s*(.+?)\s*$",
+                    body.get("message", ""),
+                )
+                if m:
+                    images = [s.strip() for s in m.group(1).split(",") if s.strip()]
+                    if images:
+                        return images[0]
+    except Exception:
+        pass
+    return "alpine:3.23"
+
+
+DEFAULT_IMAGE = _discover_supported_image()
+# Pin the discovered value into the env so the C / Go / Node entry
+# drivers' subprocess inherit it without re-running the probe.
+os.environ["BOXLITE_E2E_IMAGE"] = DEFAULT_IMAGE
+
+# test_path_verification.py is a LOCAL-only meta-test: case 1 asserts the
+# credentials.toml URL contains ":3000" (the local API port), and case 2
+# reads the host's `boxlite-runner` systemd journal via journalctl. Both
+# can't run on a remote profile pointing at the Tokyo ELB. Drop them
+# from pytest collection on any non-default profile so the cloud gate
+# reports them as "not collected" rather than producing a SKIP entry.
+if DEFAULT_PROFILE != "default":
+    collect_ignore = ["test_path_verification.py"]
+
+
+def path_verify_skipped() -> bool:
+    """Single truthy reading of BOXLITE_E2E_SKIP_PATH_VERIFY for the SDK
+    entry smokes (CLI / C / Go / Node). They each spawn a subprocess
+    that creates a box and then assert `runner_hits_for_box >= 1`,
+    which can't be satisfied on a cloud run where journalctl lives on
+    a remote EC2. When this returns True the entry tests skip the
+    journal-hits assertion; the box-id + driver-output assertions
+    still run."""
+    return os.environ.get("BOXLITE_E2E_SKIP_PATH_VERIFY", "").lower() in (
+        "1", "true", "yes", "on"
+    )
+
+
+def skip_or_fail_unless_sdk_build_required(reason: str) -> None:
+    """SDK entry-point fixtures (test_c_entry, test_go_entry,
+    test_node_entry, test_cli_entry, test_cli_detach_recovery) skip
+    when their build artifact is missing — convenient for the local
+    dev path where someone hasn't built every SDK yet. On the cloud
+    gate the workflow produces every artifact up front; set
+    BOXLITE_E2E_REQUIRE_SDK_BUILDS=1 there so a regression in the
+    build step surfaces as a test failure, not a silent skip."""
+    require = os.environ.get("BOXLITE_E2E_REQUIRE_SDK_BUILDS", "")
+    if require.lower() in ("1", "true", "yes", "on"):
+        pytest.fail(
+            f"BOXLITE_E2E_REQUIRE_SDK_BUILDS=1 forbids skipping this case "
+            f"but the prerequisite is missing: {reason}"
+        )
+    pytest.skip(reason)
+
+
+
 def _profile(name: str) -> dict:
     if not CRED_PATH.exists():
         pytest.exit(
@@ -105,7 +224,21 @@ async def verify_runner_saw_all_boxes(rt):
     journal — if not, the SDK silently bypassed the API → Runner
     chain (e.g. degraded to local FFI, or the runner-side journal
     write broke). Tests that don't create any boxes are unaffected.
+
+    Set ``BOXLITE_E2E_SKIP_PATH_VERIFY=1`` to bypass this check entirely.
+    Intended for cloud-CI runs where the runner journal lives on a
+    remote EC2 instance and isn't reachable from ``journalctl`` on the
+    pytest host. The FFI-bypass risk this guard defends against doesn't
+    apply on a stock GitHub-hosted runner (no KVM, libkrun can't start
+    a VM), so disabling it there loses no real safety net.
     """
+    # Truthy values only. Plain `if os.environ.get(...)` treats "0"
+    # and "false" as truthy because they're non-empty strings, which
+    # is the opposite of what someone setting the var to "0" expects.
+    if os.environ.get("BOXLITE_E2E_SKIP_PATH_VERIFY", "").lower() in ("1", "true", "yes", "on"):
+        yield
+        return
+
     since = runner_journal_seek()
     object.__setattr__(rt, "_created", [])
 
 
@@ -18,33 +18,43 @@
 
 import pytest
 
+from conftest import skip_or_fail_unless_sdk_build_required, path_verify_skipped
+
 sys.path.insert(0, str(Path(__file__).parent.parent / "lib"))
 from path_verification import runner_journal_seek, runner_hits_for_box
 
 REPO = Path(__file__).resolve().parents[4]
 SRC = REPO / "scripts/test/e2e/sdks/c/e2e_basic.c"
 HDR = REPO / "sdks/c/include"
 LIB_DIR = REPO / "target/release"
-UUID_RE = re.compile(
-    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
+# Box ids are server-issued and opaque: the local runtime mints 12-char
+# Base62, but a REST server may return a ULID or UUID (see BoxID docs,
+# src/boxlite/src/runtime/id.rs).
+BOX_ID_RE = re.compile(
+    r"\b("
+    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"  # UUID
+    r"|[0-9A-HJKMNP-TV-Z]{26}"                                       # ULID
+    r"|[0-9A-Za-z]{12}"                                              # 12-char Base62
+    r")\b"
 )
 
 
 def _profile():
+    name = os.environ.get("BOXLITE_E2E_PROFILE", "p1")
     return tomllib.loads(
         (Path.home() / ".boxlite/credentials.toml").read_text()
-    )["profiles"]["p1"]
+    )["profiles"][name]
 
 
 @pytest.fixture(scope="module")
 def c_binary():
     if not shutil.which("gcc"):
-        pytest.skip("gcc not installed")
+        skip_or_fail_unless_sdk_build_required("gcc not installed")
     if not SRC.exists():
-        pytest.skip(f"{SRC} missing")
+        skip_or_fail_unless_sdk_build_required(f"{SRC} missing")
     if not (LIB_DIR / "libboxlite.so").exists() and \
        not (LIB_DIR / "libboxlite.a").exists():
-        pytest.skip(
+        skip_or_fail_unless_sdk_build_required(
             f"libboxlite.so / .a missing under {LIB_DIR}; build with "
             f"`cargo build --release -p boxlite-c` first"
         )
@@ -60,7 +70,7 @@ def c_binary():
     try:
         subprocess.run(cmd, check=True, capture_output=True, text=True, timeout=120)
     except subprocess.CalledProcessError as e:
-        pytest.skip(f"gcc build failed: {e.stderr[:600]}")
+        skip_or_fail_unless_sdk_build_required(f"gcc build failed: {e.stderr[:600]}")
     return bin_path
 
 
@@ -73,7 +83,7 @@ def test_c_sdk_create_remove(c_binary):
         "BOXLITE_E2E_URL": p["url"],
         "BOXLITE_E2E_API_KEY": p["api_key"],
         "BOXLITE_E2E_PREFIX": p.get("path_prefix") or "",
-        "BOXLITE_E2E_IMAGE": "alpine:3.23",
+        "BOXLITE_E2E_IMAGE": os.environ.get("BOXLITE_E2E_IMAGE", "alpine:3.23"),
         "LD_LIBRARY_PATH": str(LIB_DIR),
     }
     r = subprocess.run(
@@ -84,12 +94,13 @@ def test_c_sdk_create_remove(c_binary):
         f"C driver exit={r.returncode}\nstdout:\n{r.stdout}\nstderr:\n{r.stderr}"
     )
 
-    m = UUID_RE.search(r.stdout)
+    m = BOX_ID_RE.search(r.stdout)
     assert m, f"C driver did not print BOX_ID: {r.stdout!r}"
     box_id = m.group(0)
     assert "OK" in r.stdout
 
-    hits = runner_hits_for_box(journal_since, box_id)
-    assert hits >= 1, (
-        f"runner journal did not see box {box_id} created by C SDK"
-    )
+    if not path_verify_skipped():
+        hits = runner_hits_for_box(journal_since, box_id)
+        assert hits >= 1, (
+            f"runner journal did not see box {box_id} created by C SDK"
+        )
@@ -30,6 +30,8 @@
 
 import pytest
 
+from conftest import skip_or_fail_unless_sdk_build_required, path_verify_skipped
+
 sys.path.insert(
     0,
     str(Path(__file__).resolve().parents[4] / "scripts" / "test" / "e2e" / "lib"),
@@ -38,15 +40,22 @@
 
 BOXLITE_BIN = os.environ.get("BOXLITE_E2E_CLI", shutil.which("boxlite"))
 IMAGE = os.environ.get("BOXLITE_E2E_IMAGE", "alpine:3.23")
-UUID_RE = re.compile(
-    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
+# Box ids are server-issued and opaque: the local runtime mints 12-char
+# Base62, but a REST server may return a ULID or UUID (see BoxID docs,
+# src/boxlite/src/runtime/id.rs).
+BOX_ID_RE = re.compile(
+    r"\b("
+    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"  # UUID
+    r"|[0-9A-HJKMNP-TV-Z]{26}"                                       # ULID
+    r"|[0-9A-Za-z]{12}"                                              # 12-char Base62
+    r")\b"
 )
 
 
 @pytest.fixture(scope="module")
 def cli():
     if not BOXLITE_BIN or not Path(BOXLITE_BIN).exists():
-        pytest.skip(f"boxlite CLI not found at {BOXLITE_BIN!r}")
+        skip_or_fail_unless_sdk_build_required(f"boxlite CLI not found at {BOXLITE_BIN!r}")
     return BOXLITE_BIN
 
 
@@ -80,7 +89,7 @@ def test_detached_box_survives_cli_exit_and_is_reusable(cli):
 
     # 1) detach run in one CLI process
     r_run = run(cli, "run", "-d", IMAGE, "--", "sleep", "300", timeout=120)
-    m = UUID_RE.search(r_run.stdout)
+    m = BOX_ID_RE.search(r_run.stdout)
     assert m, f"`boxlite run -d` did not print a uuid: {r_run.stdout!r}"
     box_id = m.group(0)
 
@@ -113,11 +122,12 @@ def test_detached_box_survives_cli_exit_and_is_reusable(cli):
         )
 
         # 5) runner journal saw the box id (path-bypass guard)
-        hits = runner_hits_for_box(journal_since, box_id)
-        assert hits >= 1, (
-            f"runner journal did not see detached box {box_id}; "
-            f"`boxlite run -d` may have bypassed the API"
-        )
+        if not path_verify_skipped():
+            hits = runner_hits_for_box(journal_since, box_id)
+            assert hits >= 1, (
+                f"runner journal did not see detached box {box_id}; "
+                f"`boxlite run -d` may have bypassed the API"
+            )
     finally:
         run(cli, "rm", "-f", box_id, check=False)
 
@@ -127,7 +137,7 @@ def test_detached_box_exec_propagates_exit_code_on_fresh_cli(cli):
     still propagate when the exec is launched from a fresh CLI process
     (i.e. no in-memory SDK state to lean on)."""
     r_run = run(cli, "run", "-d", IMAGE, "--", "sleep", "300", timeout=120)
-    m = UUID_RE.search(r_run.stdout)
+    m = BOX_ID_RE.search(r_run.stdout)
     assert m
     box_id = m.group(0)