bot-bottle

didericis/bot-bottle

Fork 0

Commit Graph

Author	SHA1	Message	Date
didericis	4864516b33	feat(bottle): add exec method to the bottle abstraction test / unit (push) Successful in 11s Details test / integration (push) Failing after 12s Details Bottle.exec(script) -> ExecResult runs a POSIX shell script inside a running bottle and returns captured stdout/stderr/returncode. The Docker impl pipes the script via stdin to `docker exec -i ... sh -s` so the source never crosses argv. Two integration tests exercise it end-to-end through the pipelock sidecar: a Node request to a non-allowlisted host (example.com) returns 403 from pipelock; a Node CONNECT to an allowlisted host (raw.githubusercontent.com) is tunneled with 200 Connection Established. The 200/403 split on each verb is decided by pipelock itself, isolating the allowlist decision from whatever the remote might return. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-12 11:18:43 -04:00

Author

SHA1

Message

Date

didericis

4864516b33

feat(bottle): add exec method to the bottle abstraction

test / unit (push) Successful in 11s

Details

test / integration (push) Failing after 12s

Details

Bottle.exec(script) -> ExecResult runs a POSIX shell script inside a
running bottle and returns captured stdout/stderr/returncode. The
Docker impl pipes the script via stdin to `docker exec -i ... sh -s`
so the source never crosses argv.

Two integration tests exercise it end-to-end through the pipelock
sidecar: a Node request to a non-allowlisted host (example.com)
returns 403 from pipelock; a Node CONNECT to an allowlisted host
(raw.githubusercontent.com) is tunneled with 200 Connection
Established. The 200/403 split on each verb is decided by pipelock
itself, isolating the allowlist decision from whatever the remote
might return.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-12 11:18:43 -04:00

1 Commits