mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-10 08:32:09 +00:00
330ca4585b
Persist the inbound user turn before provider/tool execution so a crash before run_conversation() (e.g. provider/httpx client init failure) keeps the inbound message in the transcript. Repair stale/missing SSL_CERT_FILE state on gateway startup, and avoid duplicate gateway fallback writes.
45 lines
No EOL
1.4 KiB
Python
45 lines
No EOL
1.4 KiB
Python
"""Regression tests for gateway SSL certificate environment repair."""
|
|
|
|
from types import SimpleNamespace
|
|
|
|
|
|
def test_ensure_ssl_certs_ignores_stale_ssl_cert_file(monkeypatch, tmp_path):
|
|
"""A missing SSL_CERT_FILE should be treated as unset, not trusted."""
|
|
import ssl
|
|
import sys
|
|
|
|
from gateway.run import _ensure_ssl_certs
|
|
|
|
cert_file = tmp_path / "cacert.pem"
|
|
cert_file.write_text("dummy cert bundle", encoding="utf-8")
|
|
stale_file = tmp_path / "missing.pem"
|
|
|
|
monkeypatch.setenv("SSL_CERT_FILE", str(stale_file))
|
|
monkeypatch.setattr(
|
|
ssl,
|
|
"get_default_verify_paths",
|
|
lambda: SimpleNamespace(cafile=None, openssl_cafile=None),
|
|
)
|
|
monkeypatch.setitem(
|
|
sys.modules,
|
|
"certifi",
|
|
SimpleNamespace(where=lambda: str(cert_file)),
|
|
)
|
|
|
|
_ensure_ssl_certs()
|
|
|
|
assert stale_file.exists() is False
|
|
assert __import__("os").environ["SSL_CERT_FILE"] == str(cert_file)
|
|
|
|
|
|
def test_ensure_ssl_certs_keeps_existing_ssl_cert_file(monkeypatch, tmp_path):
|
|
"""A valid user-provided SSL_CERT_FILE must not be overwritten."""
|
|
from gateway.run import _ensure_ssl_certs
|
|
|
|
cert_file = tmp_path / "existing.pem"
|
|
cert_file.write_text("dummy cert bundle", encoding="utf-8")
|
|
monkeypatch.setenv("SSL_CERT_FILE", str(cert_file))
|
|
|
|
_ensure_ssl_certs()
|
|
|
|
assert __import__("os").environ["SSL_CERT_FILE"] == str(cert_file) |