didericis/bot-bottle
1
0
Fork 0
Code Issues 5 Pull Requests 3 Actions Packages Projects Releases Wiki Activity

revert(egress-proxy): drop Role + agent provisioner (keep git-push block)
test / unit (pull_request) Successful in 17s
Details
test / integration (pull_request) Successful in 1m3s
Details

Browse Source 
Partial revert of fa06a3a. The role + agent-side provisioner felt
overengineered: anthropic-base-url + npm-registry's only realistic
host values match the tool defaults, so the role tags drove no-op
dotfile writes most of the time. If non-default npm registry / tea
config is needed in a future bottle, we can ship it through a more
direct mechanism then.

What stays from fa06a3a:
  - Universal HTTPS git-push block in the egress-proxy addon
    (`is_git_push_request` in egress_proxy_addon_core, called from
    the request hook before route matching; 403s git-receive-pack
    regardless of route). This is the security backstop so git-gate
    remains the only outbound write path; PR #29 keeps it.

What gets reverted:
  - `Role` field on EgressProxyRoute (manifest + runtime).
  - `EGRESS_PROXY_ROLES` + `EGRESS_PROXY_SINGLETON_ROLES` constants
    and singleton-role validation.
  - `backend/docker/provision/egress_proxy.py` (npmrc + tea config).
  - `provision_egress_proxy` slot in `BottleBackend.provision`.
  - `prepare.py`'s role-based ANTHROPIC_BASE_URL detection (back to
    the token_ref="CLAUDE_CODE_OAUTH_TOKEN" auto-detect).
  - Manifest + provisioner tests for the above.

355 unit + 24 integration tests pass.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
didericis
2026-05-25 15:02:01 -04:00
parent fa06a3a0ab
commit 4abea282e0
9 changed files with 24 additions and 453 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/unit/test_manifest_egress_proxy.py
-58
View File
@@ -128,64 +128,6 @@ class TestAuth(unittest.TestCase):
}])
class TestRole(unittest.TestCase):
def test_omitted_means_no_roles(self):
b = _bottle([{"host": "x.example"}])
self.assertEqual((), b.egress_proxy.routes[0].Role)
def test_string_normalizes_to_tuple(self):
b = _bottle([{"host": "api.anthropic.com",
"role": "anthropic-base-url",
"auth": {"scheme": "Bearer", "token_ref": "T"}}])
self.assertEqual(("anthropic-base-url",),
b.egress_proxy.routes[0].Role)
def test_list_supported(self):
b = _bottle([{"host": "registry.npmjs.org",
"role": ["npm-registry"]}])
self.assertEqual(("npm-registry",), b.egress_proxy.routes[0].Role)
def test_unknown_role_rejected(self):
with self.assertRaises(Die):
_bottle([{"host": "x.example", "role": "git-insteadof"}])
def test_non_string_role_rejected(self):
with self.assertRaises(Die):
_bottle([{"host": "x.example", "role": 42}])
def test_list_with_non_string_item_rejected(self):
with self.assertRaises(Die):
_bottle([{"host": "x.example", "role": ["npm-registry", 42]}])
def test_singleton_anthropic_base_url_enforced(self):
with self.assertRaises(Die):
_bottle([
{"host": "api.anthropic.com", "role": "anthropic-base-url",
"auth": {"scheme": "Bearer", "token_ref": "T1"}},
{"host": "api2.anthropic.example",
"role": "anthropic-base-url",
"auth": {"scheme": "Bearer", "token_ref": "T2"}},
])
def test_singleton_npm_registry_enforced(self):
with self.assertRaises(Die):
_bottle([
{"host": "registry.npmjs.org", "role": "npm-registry"},
{"host": "npm.example", "role": "npm-registry"},
])
def test_tea_login_is_not_singleton(self):
# Multiple Gitea instances on one bottle is a legitimate
# dev setup; tea-login lays one logins[] entry per route.
b = _bottle([
{"host": "gitea.example", "role": "tea-login",
"auth": {"scheme": "token", "token_ref": "T1"}},
{"host": "other-gitea.example", "role": "tea-login",
"auth": {"scheme": "token", "token_ref": "T2"}},
])
self.assertEqual(2, len(b.egress_proxy.routes))
class TestRouteValidation(unittest.TestCase):
def test_duplicate_hosts_rejected(self):
# Routes match by exact host; duplicates leave the choice
tests/unit/test_manifest_md_load.py
-2
View File
@@ -25,7 +25,6 @@ _BOTTLE_DEV = """
egress_proxy:
routes:
- host: api.anthropic.com
role: anthropic-base-url
auth:
scheme: Bearer
token_ref: CLAUDE_CODE_OAUTH_TOKEN
@@ -93,7 +92,6 @@ class TestBottleFileParses(_ResolveCase):
self.assertEqual("api.anthropic.com", routes[0].Host)
self.assertEqual("Bearer", routes[0].AuthScheme)
self.assertEqual("CLAUDE_CODE_OAUTH_TOKEN", routes[0].TokenRef)
self.assertEqual(("anthropic-base-url",), routes[0].Role)
self.assertEqual(["example.com"], list(m.bottles["dev"].egress.allowlist))
tests/unit/test_provision_egress_proxy.py
-109
View File
@@ -1,109 +0,0 @@
"""Unit: agent-side provisioning for egress-proxy roles (PRD 0017).
Each role drives one dotfile / env-var rewrite at bottle bring-up.
HTTPS_PROXY routes the canonical URL through egress-proxy, which
injects auth and DLP-scans on the upstream leg."""
import unittest
from claude_bottle.backend.docker.provision.egress_proxy import (
render_npmrc,
render_tea_config,
)
from claude_bottle.egress_proxy import egress_proxy_routes_for_bottle
from claude_bottle.manifest import Manifest
def _routes(manifest_routes):
m = Manifest.from_json_obj({
"bottles": {"dev": {"egress_proxy": {"routes": manifest_routes}}},
"agents": {"demo": {"skills": [], "prompt": "", "bottle": "dev"}},
})
return egress_proxy_routes_for_bottle(m.bottles["dev"])
# --- npmrc -----------------------------------------------------------
class TestRenderNpmrc(unittest.TestCase):
def test_canonical_upstream_url(self):
routes = _routes([
{"host": "registry.npmjs.org", "role": "npm-registry",
"auth": {"scheme": "Bearer", "token_ref": "NPM_TOKEN"}},
])
self.assertEqual(
"registry=https://registry.npmjs.org/\n",
render_npmrc(routes),
)
def test_empty_when_no_npm_role(self):
routes = _routes([
{"host": "api.github.com",
"auth": {"scheme": "Bearer", "token_ref": "GH"}},
])
self.assertEqual("", render_npmrc(routes))
def test_no_routes_empty(self):
self.assertEqual("", render_npmrc(()))
def test_no_auth_token_in_npmrc(self):
# The proxy injects auth; the npmrc must carry no secret —
# not even `:always-auth=true` lines that would prompt npm
# to wait for credentials. Just the registry URL.
routes = _routes([
{"host": "registry.npmjs.org", "role": "npm-registry",
"auth": {"scheme": "Bearer", "token_ref": "NPM_TOKEN"}},
])
out = render_npmrc(routes)
self.assertNotIn("_authToken", out)
self.assertNotIn("NPM_TOKEN", out)
# --- tea config ------------------------------------------------------
class TestRenderTeaConfig(unittest.TestCase):
def test_single_login(self):
routes = _routes([
{"host": "gitea.dideric.is", "role": "tea-login",
"auth": {"scheme": "token", "token_ref": "GITEA_TOKEN"}},
])
out = render_tea_config(routes)
self.assertIn("- name: gitea.dideric.is", out)
self.assertIn("url: https://gitea.dideric.is", out)
self.assertIn("token: egress-proxy-placeholder", out)
def test_multiple_logins_each_get_own_entry(self):
routes = _routes([
{"host": "gitea.a.example", "role": "tea-login",
"auth": {"scheme": "token", "token_ref": "T_A"}},
{"host": "gitea.b.example", "role": "tea-login",
"auth": {"scheme": "token", "token_ref": "T_B"}},
])
out = render_tea_config(routes)
self.assertIn("- name: gitea.a.example", out)
self.assertIn("- name: gitea.b.example", out)
def test_empty_when_no_tea_role(self):
routes = _routes([
{"host": "api.github.com",
"auth": {"scheme": "Bearer", "token_ref": "GH"}},
])
self.assertEqual("", render_tea_config(routes))
def test_no_routes_empty(self):
self.assertEqual("", render_tea_config(()))
def test_no_real_token_in_config(self):
routes = _routes([
{"host": "gitea.dideric.is", "role": "tea-login",
"auth": {"scheme": "token", "token_ref": "GITEA_TOKEN"}},
])
out = render_tea_config(routes)
# GITEA_TOKEN is just the env var name, not the value —
# placeholder-only is the SC.
self.assertIn("egress-proxy-placeholder", out)
if __name__ == "__main__":
unittest.main()