stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
44248482836423b62d07e1e00d78de38a7e3bcad
git.stella-ops.org/docs/features/unchecked/tests/air-gap-test-enforcement.md

1.5 KiB
Raw Blame History

Air-Gap (No-Egress) Test Enforcement

Module

__Tests

Status

IMPLEMENTED

Description

Network-isolated test base classes and docker container builders that enforce no-egress in CI, with dedicated offline E2E tests.

Implementation Details

  • Network Isolated Test Base: src/__Tests/__Libraries/StellaOps.Testing.AirGap/NetworkIsolatedTestBase.cs -- xUnit test base class that runs tests in a network-isolated environment, verifying no outbound network calls are made during test execution.
  • Isolated Container Builder: src/__Tests/__Libraries/StellaOps.Testing.AirGap/Docker/IsolatedContainerBuilder.cs -- builds Docker containers with network isolation (no-egress) for air-gap integration tests using Testcontainers.
  • Offline E2E Tests: src/__Tests/offline/ -- dedicated offline end-to-end test suite that runs the full platform stack without network access.

E2E Test Plan

  • Run a test inheriting from NetworkIsolatedTestBase and verify it completes without making any outbound network requests
  • Build an isolated container via IsolatedContainerBuilder and verify it has no network connectivity (e.g., DNS resolution fails, HTTP requests time out)
  • Run the offline E2E test suite and verify all tests pass without network access
  • Verify detection: add a test that makes an outbound HTTP call while using NetworkIsolatedTestBase and confirm the test fails with a network isolation violation
  • Verify the isolated container runs the full platform stack (web service, database) in air-gap mode