Skip to content

Commit 4a1183d

Browse files
Mossakaclaude
Mossaka
and
claude
committed
fix(test): use 'localhost' instead of empty allowDomains array
AWF CLI requires at least one domain in --allow-domains. Changed all tests that used empty array to use ['localhost'] as a dummy domain for tests that don't need network access. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1 parent eb70f00 commit 4a1183d

2 files changed

Lines changed: 30 additions & 30 deletions

File tree

tests/integration/chroot-edge-cases.test.ts

Lines changed: 22 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ describe('Chroot Edge Cases', () => {
2626
describe('Working Directory Handling', () => {
2727
test('should respect container-workdir in chroot mode', async () => {
2828
const result = await runner.runWithSudo('pwd', {
29-
allowDomains: [],
29+
allowDomains: ['localhost'],
3030
logLevel: 'debug',
3131
timeout: 60000,
3232
enableChroot: true,
@@ -39,7 +39,7 @@ describe('Chroot Edge Cases', () => {
3939

4040
test('should fall back to / if workdir does not exist', async () => {
4141
const result = await runner.runWithSudo('pwd', {
42-
allowDomains: [],
42+
allowDomains: ['localhost'],
4343
logLevel: 'debug',
4444
timeout: 60000,
4545
enableChroot: true,
@@ -55,7 +55,7 @@ describe('Chroot Edge Cases', () => {
5555
describe('Environment Variables', () => {
5656
test('should preserve PATH including tool cache paths', async () => {
5757
const result = await runner.runWithSudo('echo $PATH', {
58-
allowDomains: [],
58+
allowDomains: ['localhost'],
5959
logLevel: 'debug',
6060
timeout: 60000,
6161
enableChroot: true,
@@ -69,7 +69,7 @@ describe('Chroot Edge Cases', () => {
6969

7070
test('should have HOME set correctly', async () => {
7171
const result = await runner.runWithSudo('echo $HOME', {
72-
allowDomains: [],
72+
allowDomains: ['localhost'],
7373
logLevel: 'debug',
7474
timeout: 60000,
7575
enableChroot: true,
@@ -81,7 +81,7 @@ describe('Chroot Edge Cases', () => {
8181

8282
test('should pass custom environment variables', async () => {
8383
const result = await runner.runWithSudo('echo $MY_CUSTOM_VAR', {
84-
allowDomains: [],
84+
allowDomains: ['localhost'],
8585
logLevel: 'debug',
8686
timeout: 60000,
8787
enableChroot: true,
@@ -98,7 +98,7 @@ describe('Chroot Edge Cases', () => {
9898
describe('File System Access', () => {
9999
test('should have read access to /usr', async () => {
100100
const result = await runner.runWithSudo('ls /usr/bin | head -5', {
101-
allowDomains: [],
101+
allowDomains: ['localhost'],
102102
logLevel: 'debug',
103103
timeout: 60000,
104104
enableChroot: true,
@@ -109,7 +109,7 @@ describe('Chroot Edge Cases', () => {
109109

110110
test('should have read access to /etc', async () => {
111111
const result = await runner.runWithSudo('cat /etc/hostname', {
112-
allowDomains: [],
112+
allowDomains: ['localhost'],
113113
logLevel: 'debug',
114114
timeout: 60000,
115115
enableChroot: true,
@@ -122,7 +122,7 @@ describe('Chroot Edge Cases', () => {
122122
const result = await runner.runWithSudo(
123123
'echo "test" > /tmp/chroot-test-$$ && cat /tmp/chroot-test-$$ && rm /tmp/chroot-test-$$',
124124
{
125-
allowDomains: [],
125+
allowDomains: ['localhost'],
126126
logLevel: 'debug',
127127
timeout: 60000,
128128
enableChroot: true,
@@ -136,7 +136,7 @@ describe('Chroot Edge Cases', () => {
136136
test('should not have access to Docker socket', async () => {
137137
// Docker socket should be hidden (mounted to /dev/null)
138138
const result = await runner.runWithSudo('ls -la /var/run/docker.sock 2>&1', {
139-
allowDomains: [],
139+
allowDomains: ['localhost'],
140140
logLevel: 'debug',
141141
timeout: 60000,
142142
enableChroot: true,
@@ -146,7 +146,7 @@ describe('Chroot Edge Cases', () => {
146146
if (result.success) {
147147
// If it exists, it should be empty (pointing to /dev/null)
148148
const checkResult = await runner.runWithSudo('test -S /var/run/docker.sock && echo "is_socket"', {
149-
allowDomains: [],
149+
allowDomains: ['localhost'],
150150
logLevel: 'debug',
151151
timeout: 60000,
152152
enableChroot: true,
@@ -161,7 +161,7 @@ describe('Chroot Edge Cases', () => {
161161
test('should not have NET_ADMIN capability', async () => {
162162
// Try to run iptables - should fail without NET_ADMIN
163163
const result = await runner.runWithSudo('iptables -L 2>&1', {
164-
allowDomains: [],
164+
allowDomains: ['localhost'],
165165
logLevel: 'debug',
166166
timeout: 60000,
167167
enableChroot: true,
@@ -175,7 +175,7 @@ describe('Chroot Edge Cases', () => {
175175
test('should not be able to use chroot command', async () => {
176176
// Should not be able to chroot again (capability dropped)
177177
const result = await runner.runWithSudo('chroot / /bin/true 2>&1', {
178-
allowDomains: [],
178+
allowDomains: ['localhost'],
179179
logLevel: 'debug',
180180
timeout: 60000,
181181
enableChroot: true,
@@ -189,7 +189,7 @@ describe('Chroot Edge Cases', () => {
189189
describe('Exit Code Propagation', () => {
190190
test('should propagate exit code 0', async () => {
191191
const result = await runner.runWithSudo('exit 0', {
192-
allowDomains: [],
192+
allowDomains: ['localhost'],
193193
logLevel: 'debug',
194194
timeout: 60000,
195195
enableChroot: true,
@@ -200,7 +200,7 @@ describe('Chroot Edge Cases', () => {
200200

201201
test('should propagate exit code 1', async () => {
202202
const result = await runner.runWithSudo('exit 1', {
203-
allowDomains: [],
203+
allowDomains: ['localhost'],
204204
logLevel: 'debug',
205205
timeout: 60000,
206206
enableChroot: true,
@@ -211,7 +211,7 @@ describe('Chroot Edge Cases', () => {
211211

212212
test('should propagate exit code from failed command', async () => {
213213
const result = await runner.runWithSudo('false', {
214-
allowDomains: [],
214+
allowDomains: ['localhost'],
215215
logLevel: 'debug',
216216
timeout: 60000,
217217
enableChroot: true,
@@ -222,7 +222,7 @@ describe('Chroot Edge Cases', () => {
222222

223223
test('should propagate exit code 127 for command not found', async () => {
224224
const result = await runner.runWithSudo('nonexistent_command_xyz123', {
225-
allowDomains: [],
225+
allowDomains: ['localhost'],
226226
logLevel: 'debug',
227227
timeout: 60000,
228228
enableChroot: true,
@@ -273,7 +273,7 @@ describe('Chroot Edge Cases', () => {
273273
describe('Shell Features', () => {
274274
test('should support shell pipes', async () => {
275275
const result = await runner.runWithSudo('echo "hello world" | grep hello', {
276-
allowDomains: [],
276+
allowDomains: ['localhost'],
277277
logLevel: 'debug',
278278
timeout: 60000,
279279
enableChroot: true,
@@ -287,7 +287,7 @@ describe('Chroot Edge Cases', () => {
287287
const result = await runner.runWithSudo(
288288
'echo "redirect test" > /tmp/redirect-test-$$ && cat /tmp/redirect-test-$$ && rm /tmp/redirect-test-$$',
289289
{
290-
allowDomains: [],
290+
allowDomains: ['localhost'],
291291
logLevel: 'debug',
292292
timeout: 60000,
293293
enableChroot: true,
@@ -300,7 +300,7 @@ describe('Chroot Edge Cases', () => {
300300

301301
test('should support command substitution', async () => {
302302
const result = await runner.runWithSudo('echo "Today is $(date +%Y)"', {
303-
allowDomains: [],
303+
allowDomains: ['localhost'],
304304
logLevel: 'debug',
305305
timeout: 60000,
306306
enableChroot: true,
@@ -312,7 +312,7 @@ describe('Chroot Edge Cases', () => {
312312

313313
test('should support compound commands', async () => {
314314
const result = await runner.runWithSudo('echo "first" && echo "second" && echo "third"', {
315-
allowDomains: [],
315+
allowDomains: ['localhost'],
316316
logLevel: 'debug',
317317
timeout: 60000,
318318
enableChroot: true,
@@ -328,7 +328,7 @@ describe('Chroot Edge Cases', () => {
328328
describe('User Context', () => {
329329
test('should run as non-root user', async () => {
330330
const result = await runner.runWithSudo('id -u', {
331-
allowDomains: [],
331+
allowDomains: ['localhost'],
332332
logLevel: 'debug',
333333
timeout: 60000,
334334
enableChroot: true,
@@ -342,7 +342,7 @@ describe('Chroot Edge Cases', () => {
342342

343343
test('should have username set', async () => {
344344
const result = await runner.runWithSudo('whoami', {
345-
allowDomains: [],
345+
allowDomains: ['localhost'],
346346
logLevel: 'debug',
347347
timeout: 60000,
348348
enableChroot: true,

tests/integration/chroot-package-managers.test.ts

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ describe('Chroot Package Manager Support', () => {
4242

4343
test('should show package info without network', async () => {
4444
const result = await runner.runWithSudo('pip3 show pip', {
45-
allowDomains: [],
45+
allowDomains: ['localhost'],
4646
logLevel: 'debug',
4747
timeout: 60000,
4848
enableChroot: true,
@@ -92,7 +92,7 @@ describe('Chroot Package Manager Support', () => {
9292

9393
test('should be blocked from npm registry without domain', async () => {
9494
const result = await runner.runWithSudo('npm view chalk version 2>&1', {
95-
allowDomains: [],
95+
allowDomains: ['localhost'],
9696
logLevel: 'debug',
9797
timeout: 60000,
9898
enableChroot: true,
@@ -118,7 +118,7 @@ describe('Chroot Package Manager Support', () => {
118118

119119
test('should execute rustc from host via chroot', async () => {
120120
const result = await runner.runWithSudo('rustc --version', {
121-
allowDomains: [],
121+
allowDomains: ['localhost'],
122122
logLevel: 'debug',
123123
timeout: 60000,
124124
enableChroot: true,
@@ -146,7 +146,7 @@ describe('Chroot Package Manager Support', () => {
146146
describe('Java (maven)', () => {
147147
test('should execute java from host via chroot', async () => {
148148
const result = await runner.runWithSudo('java --version 2>&1 || java -version 2>&1', {
149-
allowDomains: [],
149+
allowDomains: ['localhost'],
150150
logLevel: 'debug',
151151
timeout: 60000,
152152
enableChroot: true,
@@ -158,7 +158,7 @@ describe('Chroot Package Manager Support', () => {
158158

159159
test('should execute javac from host via chroot', async () => {
160160
const result = await runner.runWithSudo('javac --version 2>&1 || javac -version 2>&1', {
161-
allowDomains: [],
161+
allowDomains: ['localhost'],
162162
logLevel: 'debug',
163163
timeout: 60000,
164164
enableChroot: true,
@@ -188,7 +188,7 @@ describe('Chroot Package Manager Support', () => {
188188
describe('Ruby (gem/bundler)', () => {
189189
test('should execute ruby from host via chroot', async () => {
190190
const result = await runner.runWithSudo('ruby --version', {
191-
allowDomains: [],
191+
allowDomains: ['localhost'],
192192
logLevel: 'debug',
193193
timeout: 60000,
194194
enableChroot: true,
@@ -212,7 +212,7 @@ describe('Chroot Package Manager Support', () => {
212212

213213
test('should list installed gems', async () => {
214214
const result = await runner.runWithSudo('gem list --local | head -5', {
215-
allowDomains: [],
215+
allowDomains: ['localhost'],
216216
logLevel: 'debug',
217217
timeout: 60000,
218218
enableChroot: true,
@@ -267,7 +267,7 @@ describe('Chroot Package Manager Support', () => {
267267
const result = await runner.runWithSudo(
268268
'cd /tmp && mkdir -p gotest && cd gotest && go mod init test 2>&1 && go mod tidy 2>&1 && cat go.mod',
269269
{
270-
allowDomains: [],
270+
allowDomains: ['localhost'],
271271
logLevel: 'debug',
272272
timeout: 60000,
273273
enableChroot: true,

0 commit comments

Comments
 (0)