vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-16 19:51:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
09a41b2da49d582bd7ffd460f5fd66fb93ba423e
openclaw/src/agents/sandbox/docker.windows.test.ts
Vincent Koc bd33a340fb fix(sandbox): sanitize Docker env before marking OPENCLAW_CLI (#42256) 
* Sandbox: sanitize Docker env before exec marker injection

* Sandbox: add regression test for Docker exec marker env

* Sandbox: disable Windows shell fallback for Docker

* Sandbox: cover Windows Docker wrapper rejection

* Sandbox: test strict env sanitization through Docker args
2026-03-11 00:59:36 -04:00

67 lines
2.1 KiB
TypeScript
Raw Blame History

import { mkdir, writeFile } from "node:fs/promises";
import path from "node:path";
import { afterEach, describe, expect, it } from "vitest";
import { createTrackedTempDirs } from "../../test-utils/tracked-temp-dirs.js";
import { resolveDockerSpawnInvocation } from "./docker.js";
const tempDirs = createTrackedTempDirs();
const createTempDir = () => tempDirs.make("openclaw-docker-spawn-test-");
afterEach(async () => {
await tempDirs.cleanup();
});
describe("resolveDockerSpawnInvocation", () => {
it("keeps non-windows invocation unchanged", () => {
const resolved = resolveDockerSpawnInvocation(["version"], {
platform: "darwin",
env: {},
execPath: "/usr/bin/node",
});
expect(resolved).toEqual({
command: "docker",
args: ["version"],
shell: undefined,
windowsHide: undefined,
});
});
it("prefers docker.exe entrypoint over cmd shell fallback on windows", async () => {
const dir = await createTempDir();
const exePath = path.join(dir, "docker.exe");
const cmdPath = path.join(dir, "docker.cmd");
await writeFile(exePath, "", "utf8");
await writeFile(cmdPath, `@ECHO off\r\n"%~dp0\\docker.exe" %*\r\n`, "utf8");
const resolved = resolveDockerSpawnInvocation(["version"], {
platform: "win32",
env: { PATH: dir, PATHEXT: ".CMD;.EXE;.BAT" },
execPath: "C:\\node\\node.exe",
});
expect(resolved).toEqual({
command: exePath,
args: ["version"],
shell: undefined,
windowsHide: true,
});
});
it("rejects unresolved docker.cmd wrappers instead of shelling out", async () => {
const dir = await createTempDir();
const cmdPath = path.join(dir, "docker.cmd");
await mkdir(path.dirname(cmdPath), { recursive: true });
await writeFile(cmdPath, "@ECHO off\r\necho docker\r\n", "utf8");
expect(() =>
resolveDockerSpawnInvocation(["ps"], {
platform: "win32",
env: { PATH: dir, PATHEXT: ".CMD;.EXE;.BAT" },
execPath: "C:\\node\\node.exe",
}),
).toThrow(
/wrapper resolved, but no executable\/Node entrypoint could be resolved without shell execution\./i,
);
});
});
Reference in New Issue View Git Blame Copy Permalink