From 92fee89e2099c192565af10309b2b0c12a7e011b Mon Sep 17 00:00:00 2001 From: didericis Date: Mon, 25 May 2026 04:26:06 -0400 Subject: [PATCH] test(supervise): skip queue round-trip test in docker-in-docker (PRD 0013) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The integration test test_tools_call_round_trips_through_queue relies on a host bind-mount to share the queue dir between the sidecar (writing proposals) and the test process (approving via dashboard helpers). In the Gitea Actions runner the docker socket forwards to the outer host's daemon, so bind-mount paths are resolved against the outer host's fs — not the runner container's. The sidecar writes its proposal where the test can't see it; the test times out. Add a one-shot probe that does docker run -v : and checks both directions of fs visibility. Skip the round-trip test when the probe fails. tools_list and the orphan-name test are unaffected — they don't touch the queue. Co-Authored-By: Claude Opus 4.7 --- tests/integration/test_supervise_sidecar.py | 47 +++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/tests/integration/test_supervise_sidecar.py b/tests/integration/test_supervise_sidecar.py index 6e65f05..4e00ed4 100644 --- a/tests/integration/test_supervise_sidecar.py +++ b/tests/integration/test_supervise_sidecar.py @@ -79,6 +79,52 @@ class TestSuperviseSidecar(unittest.TestCase): network_remove(self.internal_net) shutil.rmtree(self.work_dir, ignore_errors=True) + def _require_bind_mount_sharing(self) -> None: + """Skip if `docker run -v :` doesn't + share the filesystem between the test process and the spawned + container. In docker-in-docker CI (Gitea Actions runner with + host socket forwarded), bind-mount paths are resolved against + the outer host's fs, not the runner container's — so the + sidecar writes proposals to a dir the test process can't see. + + Cached on the class so the probe runs once per test session.""" + cached = getattr(type(self), "_bind_mount_ok", None) + if cached is True: + return + if cached is False: + self.skipTest( + "docker bind mounts don't share fs with this test process " + "(likely docker-in-docker); the supervise queue round-trip " + "requires real host fs sharing" + ) + probe_dir = Path(tempfile.mkdtemp(prefix="supervise-bind-probe.")) + try: + (probe_dir / "from-host").write_text("x") + r = subprocess.run( + [ + "docker", "run", "--rm", + "-v", f"{probe_dir}:/probe", + "--entrypoint", "sh", + CURL_IMAGE, + "-c", "test -f /probe/from-host && touch /probe/from-container", + ], + capture_output=True, + check=False, + ) + ok = ( + r.returncode == 0 + and (probe_dir / "from-container").exists() + ) + finally: + shutil.rmtree(probe_dir, ignore_errors=True) + type(self)._bind_mount_ok = ok + if not ok: + self.skipTest( + "docker bind mounts don't share fs with this test process " + "(likely docker-in-docker); the supervise queue round-trip " + "requires real host fs sharing" + ) + def _bring_up_sidecar(self) -> None: self.internal_net = network_create_internal(self.slug) plan = SupervisePlan( @@ -161,6 +207,7 @@ class TestSuperviseSidecar(unittest.TestCase): """End-to-end: agent in the bottle calls cred-proxy-block; the call blocks on the queue; the host approves via the dashboard helpers; the agent receives the approval.""" + self._require_bind_mount_sharing() self._bring_up_sidecar() captured: dict[str, object] = {}