hermes-agent/tests/docker/test_immutable_install_permissions.py

"""Docker smoke tests for immutable install permissions."""
from __future__ import annotations

import subprocess
import textwrap


def test_container_sets_hosted_write_policy_env(built_image: str) -> None:
    script = (
        'test "$HERMES_HOME" = "/opt/data" && '
        'test "$HERMES_WRITE_SAFE_ROOT" = "/opt/data" && '
        'test "$HERMES_DISABLE_LAZY_INSTALLS" = "1" && '
        'test "$PYTHONDONTWRITEBYTECODE" = "1"'
    )
    result = subprocess.run(
        ["docker", "run", "--rm", "--entrypoint", "sh", built_image, "-c", script],
        capture_output=True,
        text=True,
        timeout=60,
    )
    assert result.returncode == 0, result.stderr[-2000:]


def test_hermes_user_cannot_modify_install_but_can_write_data(built_image: str) -> None:
    script = textwrap.dedent(
        r"""
        set -eu
        /opt/hermes/.venv/bin/python - <<'PY'
        from pathlib import Path

        install_file = Path("/opt/hermes/agent/message_sanitization.py")
        try:
            with install_file.open("a", encoding="utf-8") as handle:
                handle.write("\n# unexpected hosted mutation\n")
        except PermissionError:
            pass
        else:
            raise SystemExit("install source write unexpectedly succeeded")

        skill_dir = Path("/opt/data/skills/permission-smoke")
        skill_dir.mkdir(parents=True, exist_ok=True)
        skill_file = skill_dir / "SKILL.md"
        skill_file.write_text("# Permission smoke\n", encoding="utf-8")
        if skill_file.read_text(encoding="utf-8") != "# Permission smoke\n":
            raise SystemExit("data write verification failed")
        PY
        """
    ).strip()
    result = subprocess.run(
        [
            "docker",
            "run",
            "--rm",
            "--entrypoint",
            "su",
            built_image,
            "hermes",
            "-s",
            "/bin/sh",
            "-c",
            script,
        ],
        capture_output=True,
        text=True,
        timeout=120,
    )
    assert result.returncode == 0, result.stderr[-2000:]