test(git-http): wire the resolver into the access-hook-503 regression test
b1850be's fail-closed-503 test (rebased in from main) built a git-http server with a flat repo.git and no policy_resolver. The resolver-only data plane on this branch denies an unattributed request with 404 before it reaches the access-hook path the test exercises, so it saw 404 != 503. Nest the bare repo under <root>/<_BID>/ and set _FixedResolver(_BID) on the server, matching every other test in this module, so the request is attributed and reaches the access-hook (mocked to raise PermissionError) that the 503 fail-closed behavior guards. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01UoEZHDjv84ChoZbozQERhJ
This commit is contained in:
@@ -387,12 +387,13 @@ class TestGitHttpBackend(unittest.TestCase):
|
|||||||
|
|
||||||
with tempfile.TemporaryDirectory() as tmp:
|
with tempfile.TemporaryDirectory() as tmp:
|
||||||
root = Path(tmp)
|
root = Path(tmp)
|
||||||
(root / "repo.git").mkdir()
|
(root / _BID / "repo.git").mkdir(parents=True)
|
||||||
old_root = os.environ.get("GIT_PROJECT_ROOT")
|
old_root = os.environ.get("GIT_PROJECT_ROOT")
|
||||||
os.environ["GIT_PROJECT_ROOT"] = str(root)
|
os.environ["GIT_PROJECT_ROOT"] = str(root)
|
||||||
self.addCleanup(self._restore_env, old_root)
|
self.addCleanup(self._restore_env, old_root)
|
||||||
|
|
||||||
server = ThreadingHTTPServer(("127.0.0.1", 0), GitHttpHandler)
|
server = ThreadingHTTPServer(("127.0.0.1", 0), GitHttpHandler)
|
||||||
|
server.policy_resolver = _FixedResolver(_BID) # type: ignore[attr-defined]
|
||||||
thread = threading.Thread(target=server.serve_forever, daemon=True)
|
thread = threading.Thread(target=server.serve_forever, daemon=True)
|
||||||
thread.start()
|
thread.start()
|
||||||
self.addCleanup(server.shutdown)
|
self.addCleanup(server.shutdown)
|
||||||
|
|||||||
Reference in New Issue
Block a user