mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-06-19 10:02:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
hermes-agent/tests/tools/test_dockerfile_node_modules_perms.py
shannonsands 6092be413d
Harden hosted Docker install tree against self-modification (#47490) 
* Harden hosted Docker install tree

* Document hosted Docker immutable install tree
2026-06-18 09:09:21 +10:00

22 lines
872 B
Python
Raw Blame History

"""Contract test: Docker TUI must not require writable node_modules.
Older images made /opt/hermes/ui-tui and /opt/hermes/node_modules writable so a
runtime npm install could repair stale dependencies. The hosted install tree is
now immutable, so the Docker image must take the prebuilt TUI bundle path
instead of writing to node_modules at runtime.
"""
from __future__ import annotations
from pathlib import Path
REPO_ROOT = Path(__file__).resolve().parents[2]
DOCKERFILE = REPO_ROOT / "Dockerfile"
def test_dockerfile_uses_prebuilt_tui_instead_of_writable_node_modules() -> None:
text = DOCKERFILE.read_text()
assert "ENV HERMES_TUI_DIR=/opt/hermes/ui-tui" in text
assert "cd ../ui-tui && npm run build" in text
assert "chown -R hermes:hermes /opt/hermes/ui-tui" not in text
assert "chown -R hermes:hermes /opt/hermes/node_modules" not in text
Reference in a new issue View git blame Copy permalink