Skip to content

Block external network access in Python tests#14809

Open
rtibbles wants to merge 1 commit into
learningequality:developfrom
rtibbles:block-network-in-tests
Open

Block external network access in Python tests#14809
rtibbles wants to merge 1 commit into
learningequality:developfrom
rtibbles:block-network-in-tests

Conversation

@rtibbles
Copy link
Copy Markdown
Member

@rtibbles rtibbles commented Jun 5, 2026
edited
Loading

Summary

  • Python tests were making real requests to KDP and Studio (via the key urls test walking the portal validate_token and remote channel views) — recent CI failures were KDP 521s
  • Block all non-loopback network access at the socket level in conftest; mock the outbound requests in the key urls test

References

Reviewer guidance

  • Run any test with the network disconnected — the suite no longer depends on external services; to see the guard in action, add an unmocked requests.get to a test
  • The guard allows loopback only, so the postgres/morango/live-server CI jobs are unaffected (all use localhost)

AI usage

Written with Claude Code: it audited the suite for real network access by running it under a socket-level recording guard, then implemented the conftest guard. I reviewed the changes and verified the full suite passes locally with the network blocked.

@rtibbles @claude
Block external network access in Python tests
1cd6ef5 
The key urls walker test has been making real HTTP requests to the
Kolibri Data Portal (via the portal validate_token proxy view) and to
Studio (via the remote channel viewset) on every run since 2019,
failing whenever those services have an outage.

Patch socket.getaddrinfo and socket.socket.connect in conftest so any
attempt to reach a non-loopback address raises a clear error naming the
offending host, and mock the outbound requests in the key urls test at
the requests session level.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@github-actions github-actions Bot added DEV: backend Python, databases, networking, filesystem... SIZE: medium labels Jun 5, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 5, 2026
edited
Loading

Build Artifacts

Asset type Download link
PEX file kolibri-0.19.5.dev87_geb155d697.d20260606.pex
Windows Installer (EXE) kolibri-0.19.5.dev87+geb155d697.d20260606-windows-setup-unsigned.exe
Debian Package kolibri_0.19.5.dev87+geb155d697-0ubuntu1_all.deb
Mac Installer (DMG) kolibri-0.19.5.dev87+geb155d697.d20260606.dmg
Android Package (APK) kolibri-0.19.5.dev87+geb155d697.d20260606-0.1.10-debug.apk
Raspberry Pi Image kolibri-pi-image-0.19.5.dev87+geb155d697.zip
TAR file kolibri-0.19.5.dev87+geb155d697.d20260606.tar.gz
WHL file kolibri-0.19.5.dev87+geb155d697.d20260606-py3-none-any.whl
Smoke test screenshot

Download screenshot

@rtibbles rtibbles force-pushed the block-network-in-tests branch from 598b60f to 1cd6ef5 Compare June 6, 2026 02:19
@rtibbles rtibbles changed the title Block external network access in Python tests and fix surfaced network error handling bugs Block external network access in Python tests Jun 6, 2026
@rtibbles rtibbles marked this pull request as ready for review June 6, 2026 02:21
@rtibbles rtibbles mentioned this pull request Jun 6, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

DEV: backend Python, databases, networking, filesystem... SIZE: small

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rtibbles