Add dedicated --allow-testing-features gate for builtinTestServer#542
Open
MGudgin wants to merge 2 commits into
Open
Add dedicated --allow-testing-features gate for builtinTestServer#542MGudgin wants to merge 2 commits into
MGudgin wants to merge 2 commits into
Conversation
This PR fixes a fail-open parity gap where the builtin test proxy
(network.proxy.builtinTestServer) could be activated on the Windows
process-container backends (AppContainer and BaseContainer) without any
gate, while bubblewrap gated it behind the overloaded --experimental
flag. It introduces a dedicated testing-only axis,
--allow-testing-features, enforced uniformly across all backends.
Details
* Add ExecutionRequest.testing_features_enabled, wired from a new
--allow-testing-features flag on wxc-exec, lxc-exec, and mxc-exec-mac.
* Enforce the gate centrally in validate_common (called by
ScriptRunner::run for every backend): reject
network.proxy.builtinTestServer unless the flag is set. This is a
distinct axis from --experimental ("unstable/new") versus
"not-for-production testing scaffolding".
* Remove bubblewrap's now-redundant local --experimental gate; the
central check covers it.
* The SDK forwards --allow-testing-features automatically when a
one-shot policy sets builtinTestServer, preserving SDK ergonomics
while the direct CLI/wxc-exec surface stays fail-closed.
* wxc-test-driver auto-passes the flag for configs that use
builtinTestServer; the bwrap proxy test script is updated.
* Docs updated: bubblewrap backend, examples, schema, policy v1, and
SDK type JSDoc.
Tests
* cargo fmt --check, cargo check --workspace --all-targets, and
cargo clippy --workspace --all-targets -- -D warnings all pass.
* Rust unit tests pass, including two new validate_common tests (reject
without the flag / accept with it) and an updated bwrap test
(wxc_common 340 passed; plus wxc, lxc, appcontainer_common,
wxc_test_driver).
* SDK: tsc build clean and npm test 178 passed, including two new
flag-forwarding tests.
* macOS mxc-exec-mac compiles on Windows but its runtime path was not
exercised on this host.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces a dedicated --allow-testing-features CLI flag and a corresponding ExecutionRequest.testing_features_enabled bit to fail-closed gate the testing-only network.proxy.builtinTestServer feature across one-shot runners, replacing the prior ad-hoc/overloaded gating (notably Bubblewrap’s --experimental-based check).
Changes:
- Add
--allow-testing-featuresto native executors and plumb it intoExecutionRequest.testing_features_enabled. - Enforce
network.proxy.builtinTestServergating centrally inwxc_common::validator::validate_common, and remove Bubblewrap’s redundant local gate. - Forward the flag automatically from the SDK (and update docs/tests/scripts to reflect the new gating).
Show a summary per file
| File | Description |
|---|---|
| tests/scripts/run_bwrap_network_proxy_test.sh | Updates Bubblewrap proxy test invocation to pass --allow-testing-features. |
| src/testing/wxc_test_driver/src/main.rs | Auto-adds --allow-testing-features when configs appear to opt into builtinTestServer. |
| src/core/wxc/src/main.rs | Adds --allow-testing-features CLI flag and plumbs into one-shot ExecutionRequest. |
| src/core/wxc_common/src/validator.rs | Centralized validation rejects builtinTestServer unless testing features are enabled; adds unit tests. |
| src/core/wxc_common/src/models.rs | Adds testing_features_enabled to ExecutionRequest with documentation. |
| src/core/wxc_common/src/config_parser.rs | Defaults testing_features_enabled to false in parsed requests. |
| src/core/mxc_darwin/src/main.rs | Adds --allow-testing-features flag and plumbs into request. |
| src/core/lxc/src/main.rs | Adds --allow-testing-features flag and plumbs into request. |
| src/backends/bubblewrap/common/src/bwrap_runner.rs | Removes backend-local builtinTestServer gating and adjusts runner test accordingly. |
| sdk/tests/unit/sandbox.test.ts | Adds unit coverage ensuring the SDK forwards --allow-testing-features when needed. |
| sdk/src/types.ts | Updates type/JSDoc to document the new gate and SDK auto-forwarding. |
| sdk/src/helper.ts | Implements SDK auto-forwarding of --allow-testing-features when builtinTestServer is set. |
| docs/schema.md | Documents builtinTestServer as requiring --allow-testing-features. |
| docs/sandbox-policy/v1/policy.md | Updates policy docs to mention the new gate for builtinTestServer. |
| docs/examples.md | Expands examples/docs to explain the new testing-only flag and its rationale. |
| docs/bwrap-support/bubblewrap-backend.md | Updates Bubblewrap docs to reflect the new flag gating. |
Copilot's findings
- Files reviewed: 16/16 changed files
- Comments generated: 2
Comment on lines
+63
to
+67
| // builtinTestServer is testing-only scaffolding gated behind | ||
| // --allow-testing-features — pass it when the config opts in. | ||
| if content.contains("\"builtinTestServer\"") { | ||
| cmd.arg("--allow-testing-features"); | ||
| } |
| | `allowedHosts` | When set, ONLY these outbound hosts are reachable. Error if `allowOutbound` is not set. | | ||
| | `blockedHosts` | Hosts to block even when outbound is allowed. Error if `allowOutbound` is not set. | | ||
| | `proxy` | `{ builtinTestServer: true }` or `{ url: "..." }`. Routes all traffic through this proxy. Cannot be combined with other network flags. | | ||
| | `proxy` | `{ builtinTestServer: true }` or `{ url: "..." }`. Routes all traffic through this proxy. Cannot be combined with other network flags. `builtinTestServer` is testing-only and requires the `--allow-testing-features` flag (the SDK forwards it automatically when the policy uses it). | |
…host proxy
* wxc-test-driver now matches the concrete `"builtinTestServer": true` JSON
pattern (both spacings) instead of the bare key, avoiding false positives
(e.g. the string appearing inside process.commandLine) that could mask
fail-closed coverage.
* policy v1 doc lists `{ localhost: <port> }` as a proxy option in both the
type and the network table, matching the schema/SDK wire format.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Member
Author
|
Addressed both review comments in f726343:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR fixes a fail-open parity gap where the builtin test proxy
(
network.proxy.builtinTestServer) could be activated on the Windowsprocess-container backends (AppContainer and BaseContainer) without any gate,
while bubblewrap gated it behind the overloaded
--experimentalflag. Itintroduces a dedicated testing-only axis,
--allow-testing-features, enforceduniformly across all backends.
The root cause was that
--experimentalis a single overloaded axis (backendadmission + experimental features + testing-only helpers) — on the Windows
process-container family it is even self-contradictory as a gate, since it also
flips AppContainer to BaseContainer. The fix decouples "not-for-production
testing scaffolding" into its own flag.
Details
ExecutionRequest.testing_features_enabled, wired from a new--allow-testing-featuresflag onwxc-exec,lxc-exec, andmxc-exec-mac.validate_common(called byScriptRunner::runfor every backend): reject
network.proxy.builtinTestServerunless the flagis set. This is a distinct axis from
--experimental("unstable/new") versus"not-for-production testing scaffolding".
--experimentalgate; the centralcheck covers it.
--allow-testing-featuresautomatically when a one-shotpolicy sets
builtinTestServer, preserving SDK ergonomics while the directCLI/
wxc-execsurface stays fail-closed.wxc-test-driverauto-passes the flag for configs that usebuiltinTestServer; the bwrap proxy test script is updated.JSDoc.
Tests
cargo fmt --check,cargo check --workspace --all-targets, andcargo clippy --workspace --all-targets -- -D warningsall pass.validate_commontests (rejectwithout the flag / accept with it) and an updated bwrap test (wxc_common 340
passed; plus wxc, lxc, appcontainer_common, wxc_test_driver).
tscbuild clean andnpm test178 passed, including two newflag-forwarding tests.
mxc-exec-maccompiles on Windows but its runtime path was notexercised on this host.
Microsoft Reviewers: Open in CodeFlow