mirror of
https://github.com/pchuan98/codex.git
synced 2026-07-01 00:31:56 +08:00
e752f7b4ae
The workspace denies `clippy::expect_used` in production. Although `clippy.toml` allows `expect` in tests, Bazel Clippy compiles integration-test helper code in a way that does not receive that exemption, which encouraged verbose `unwrap_or_else(... panic!(...))` and equivalent `match`/`let else` forms. This allows `clippy::expect_used` once at each integration-test crate root (including aggregated suites and test-support libraries), then replaces manual panic-based Result and Option unwraps with `expect`/`expect_err`. Standalone `tests/*.rs` files remain their own crate roots. Intentional assertion and unexpected-variant panics remain unchanged, and the production `expect_used = "deny"` lint remains in place. The cleanup is mechanical and net-negative in line count.
110 lines
3.7 KiB
Rust
110 lines
3.7 KiB
Rust
use std::fmt;
|
|
use std::sync::Arc;
|
|
|
|
use anyhow::Result;
|
|
use codex_exec_server::Environment;
|
|
use codex_exec_server::ExecServerRuntimePaths;
|
|
use codex_exec_server::ExecutorFileSystem;
|
|
use codex_exec_server::FileSystemSandboxContext;
|
|
use codex_exec_server::LocalFileSystem;
|
|
use codex_protocol::models::PermissionProfile;
|
|
use codex_protocol::permissions::FileSystemAccessMode;
|
|
use codex_protocol::permissions::FileSystemPath;
|
|
use codex_protocol::permissions::FileSystemSandboxEntry;
|
|
use codex_protocol::permissions::FileSystemSandboxPolicy;
|
|
use codex_protocol::permissions::NetworkSandboxPolicy;
|
|
use codex_utils_absolute_path::AbsolutePathBuf;
|
|
|
|
use crate::common::exec_server::ExecServerHarness;
|
|
use crate::common::exec_server::TestCodexHelperPaths;
|
|
use crate::common::exec_server::exec_server;
|
|
use crate::common::exec_server::test_codex_helper_paths;
|
|
|
|
pub(crate) struct FileSystemContext {
|
|
pub(crate) file_system: Arc<dyn ExecutorFileSystem>,
|
|
_helper_paths: Option<TestCodexHelperPaths>,
|
|
_server: Option<ExecServerHarness>,
|
|
}
|
|
|
|
#[derive(Clone, Copy, Debug)]
|
|
pub(crate) enum FileSystemImplementation {
|
|
Local,
|
|
Remote,
|
|
}
|
|
|
|
impl fmt::Display for FileSystemImplementation {
|
|
fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> fmt::Result {
|
|
match self {
|
|
Self::Local => formatter.write_str("local"),
|
|
Self::Remote => formatter.write_str("remote"),
|
|
}
|
|
}
|
|
}
|
|
|
|
pub(crate) async fn create_file_system_context(
|
|
implementation: FileSystemImplementation,
|
|
) -> Result<FileSystemContext> {
|
|
match implementation {
|
|
FileSystemImplementation::Local => {
|
|
let helper_paths = test_codex_helper_paths()?;
|
|
let runtime_paths = ExecServerRuntimePaths::new(
|
|
helper_paths.codex_exe.clone(),
|
|
helper_paths.codex_linux_sandbox_exe.clone(),
|
|
)?;
|
|
Ok(FileSystemContext {
|
|
file_system: Arc::new(LocalFileSystem::with_runtime_paths(runtime_paths)),
|
|
_helper_paths: Some(helper_paths),
|
|
_server: None,
|
|
})
|
|
}
|
|
FileSystemImplementation::Remote => {
|
|
let server = exec_server().await?;
|
|
let environment =
|
|
Environment::create_for_tests(Some(server.websocket_url().to_string()))?;
|
|
Ok(FileSystemContext {
|
|
file_system: environment.get_filesystem(),
|
|
_helper_paths: None,
|
|
_server: Some(server),
|
|
})
|
|
}
|
|
}
|
|
}
|
|
|
|
pub(crate) fn absolute_path(path: std::path::PathBuf) -> AbsolutePathBuf {
|
|
assert!(
|
|
path.is_absolute(),
|
|
"path must be absolute: {}",
|
|
path.display()
|
|
);
|
|
AbsolutePathBuf::try_from(path).expect("path should be absolute")
|
|
}
|
|
|
|
pub(crate) fn read_only_sandbox(readable_root: std::path::PathBuf) -> FileSystemSandboxContext {
|
|
let readable_root = absolute_path(readable_root);
|
|
sandbox_context(vec![FileSystemSandboxEntry {
|
|
path: FileSystemPath::Path {
|
|
path: readable_root,
|
|
},
|
|
access: FileSystemAccessMode::Read,
|
|
}])
|
|
}
|
|
|
|
pub(crate) fn workspace_write_sandbox(
|
|
writable_root: std::path::PathBuf,
|
|
) -> FileSystemSandboxContext {
|
|
let writable_root = absolute_path(writable_root);
|
|
sandbox_context(vec![FileSystemSandboxEntry {
|
|
path: FileSystemPath::Path {
|
|
path: writable_root,
|
|
},
|
|
access: FileSystemAccessMode::Write,
|
|
}])
|
|
}
|
|
|
|
fn sandbox_context(entries: Vec<FileSystemSandboxEntry>) -> FileSystemSandboxContext {
|
|
FileSystemSandboxContext::from_permission_profile(PermissionProfile::from_runtime_permissions(
|
|
&FileSystemSandboxPolicy::restricted(entries),
|
|
NetworkSandboxPolicy::Restricted,
|
|
))
|
|
}
|