test: add sandbox workflow e2e coverage#131
Conversation
There was a problem hiding this comment.
Pull request overview
Adds real bubblewrap-backed E2E coverage for the managed sandbox workflow (trace, SARIF, required-mode denial), plus supporting changes so the sandbox can locate the managed tool executable and so required-mode cgroup failures surface as structured runtime.sandbox_denial evidence.
Changes:
- Bind the managed tool executable (with its parent dirs) into bubblewrap and resolve symlinks during request normalization.
- Treat required-mode cgroup setup errors as
sandbox.Deniedevidence and rewrite captured diagnostics into a sandbox denial when so marked. - Add
CodingEthosRunWithEnv/RunWithEnvplumbing, symlink.venvinto the instrumented runtime when present, and add three sandbox workflow E2E tests.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| TODO.md | Marks the sandbox E2E TODO item as completed. |
| go/internal/sandbox/sandbox.go | Adds --ro-bind for the tool executable and EvalSymlinks of the executable path. |
| go/internal/sandbox/sandbox_test.go | Updates plan ordering check to compare against the last occurrence of the executable arg. |
| go/internal/managedcapture/capture.go | Marks cgroup-failed required runs as denied and synthesizes sandbox-denial diagnostics. |
| go/internal/e2e/scenario.go | Adds env-override command helpers and .venv symlinking in the instrumented runtime. |
| go/internal/e2e/sandbox_workflow_test.go | New sandbox workflow E2E tests for trace, SARIF, and required-mode denial. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Code Review
This pull request implements sandbox workflow tests and improves sandbox enforcement by handling denials more explicitly. Key changes include the addition of comprehensive end-to-end tests for sandboxed tool execution, the introduction of environment override support in the test harness, and logic to ensure tool executables are correctly bound within the sandbox. A review comment identifies that the new capturedExecutionDiagnostics function makes existing denial-handling logic in capturedOutcomeFindings and capturedSandboxFinding redundant, suggesting a cleanup to avoid dead code.
|
Closing in favor of signed replacement PR #133. The original branch contains unsigned commits and history-rewrite policy correctly blocks force-replacing it. |
## Summary - adds required-mode sandbox E2E coverage with Bubblewrap as a hard dependency - verifies write-scope behavior and SARIF policy id coverage - enforces signed git commits and blocks unsigned outgoing commits while keeping push certificates optional for GitHub compatibility Supersedes #131, whose branch contained unsigned commits and could not be force-replaced under history-rewrite policy. Closes #129. ## Verification - go test ./... -count=1 - make build - git log --format="%h %G? %s" origin/main..HEAD shows every branch commit as G
Closes #129.
Replaces #130, which was closed because this checkout had an incorrect local Git identity for its commits. This branch contains the same implementation as a correctly authored commit.
Summary
Verification