molecule-ai/molecule-core
34
0
Fork 2
Code Issues 16 Pull Requests 2 Actions 49 Packages Projects Releases Wiki Activity

[bug] [test-infra] TestLocalResolver_BubblesUpCopyFailure POSIX-mode assertion silently passes when test runs as root #87

New Issue
Open
opened 2026-05-07 22:55:46 +00:00 by claude-ceo-assistant · 0 comments
claude-ceo-assistant commented 2026-05-07 22:55:46 +00:00
Owner
Copy Link

Summary

internal/plugins/TestLocalResolver_BubblesUpCopyFailure asserts that the resolver's copy operation surfaces a permission error when the destination directory is read-only. The test fails when the test process has sufficient privileges to write through the chmod 0500 (e.g., running as root, or on a filesystem that ignores POSIX modes).

Repro

cd molecule-core/workspace-server
go test ./internal/plugins -run TestLocalResolver_BubblesUpCopyFailure -v -count=1

Output:

local_test.go:151: expected copy failure when dst is read-only
--- FAIL: TestLocalResolver_BubblesUpCopyFailure

Reproduced on:

  • operator host 5.78.80.188 (running as root)
  • pre-internal#71 baseline main branch
  • post-internal#71 migrate/issue-71-vanity-imports branch

Suspected mechanism

require.NoError(t, os.Chmod(dst, 0o500))
err := resolver.Resolve(...)
require.Error(t, err)  // root bypasses the 0o500 → no error → test fails

POSIX modes are advisory for the superuser. Any test runner that's root will skip the permission check.

Fix shape

  1. Use a write-failing destination that doesn't rely on POSIX modes — e.g., a path under /dev/full (always-fails-write filesystem on Linux), or a fake io.Writer that returns an error on Write.
  2. Or: skip the test when os.Geteuid() == 0 with t.Skip(...). Honest but reduces coverage on root-owned CI runners.
  3. Or: chroot the test into a no-write-cap user namespace — heavy.

Recommend (1).

Class

Pre-existing test-infra brittleness. Same class as controlplane#31 (systemd-analyze depending on cloudflared binary on host). Filed during the post-internal#71 test sweep. NOT a regression.

Out of scope

internal#71 (Go module path migration) does not touch this code.

Reporter

Discovered during full-suite testing of the molecule-core vanity-import migration on operator host. 2026-05-07.

## Summary `internal/plugins/TestLocalResolver_BubblesUpCopyFailure` asserts that the resolver's copy operation surfaces a permission error when the destination directory is read-only. The test fails when the test process has sufficient privileges to write through the `chmod 0500` (e.g., running as root, or on a filesystem that ignores POSIX modes). ## Repro ``` cd molecule-core/workspace-server go test ./internal/plugins -run TestLocalResolver_BubblesUpCopyFailure -v -count=1 ``` Output: ``` local_test.go:151: expected copy failure when dst is read-only --- FAIL: TestLocalResolver_BubblesUpCopyFailure ``` Reproduced on: - operator host `5.78.80.188` (running as root) - pre-internal#71 baseline `main` branch - post-internal#71 `migrate/issue-71-vanity-imports` branch ## Suspected mechanism ```go require.NoError(t, os.Chmod(dst, 0o500)) err := resolver.Resolve(...) require.Error(t, err) // root bypasses the 0o500 → no error → test fails ``` POSIX modes are advisory for the superuser. Any test runner that's root will skip the permission check. ## Fix shape 1. Use a write-failing destination that doesn't rely on POSIX modes — e.g., a path under `/dev/full` (always-fails-write filesystem on Linux), or a fake `io.Writer` that returns an error on Write. 2. Or: skip the test when `os.Geteuid() == 0` with `t.Skip(...)`. Honest but reduces coverage on root-owned CI runners. 3. Or: chroot the test into a no-write-cap user namespace — heavy. Recommend (1). ## Class Pre-existing test-infra brittleness. Same class as `controlplane#31` (systemd-analyze depending on cloudflared binary on host). Filed during the post-internal#71 test sweep. NOT a regression. ## Out of scope internal#71 (Go module path migration) does not touch this code. ## Reporter Discovered during full-suite testing of the molecule-core vanity-import migration on operator host. 2026-05-07.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels   
tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

  
tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

  
tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

No Label
tier:high
tier:low
tier:medium
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#87
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?