[awf] smoke-test: add services: port-mapping smoke test for --allow-host-service-ports compiler integration #1525
Description
Problem
When gh-aw compiles a workflow that uses GitHub Actions services: with port mappings, the compiler will auto-generate --allow-host-service-ports from those mappings (see gh-aw#23756). The AWF flag already exists and is implemented correctly, but there is no end-to-end smoke test validating the full path:
compiler extracts ports →
$\{\{ job.services.X.ports['PORT'] }}resolves at runner time → AWF receives numeric port(s) → iptables rules allow traffic to host gateway → agent successfully reaches the service container
Without this smoke test, regressions in any of the following could go undetected:
containers/agent/setup-iptables.shhost-service-port iptables rules (lines 239–280)src/cli.tsvalidateAllowHostServicePorts/applyHostServicePortsConfigsrc/host-iptables.tsallowHostServicePortshost-side rulessrc/docker-manager.tsAWF_HOST_SERVICE_PORTSenv var injection
Context
- Upstream feature request: feat: auto-generate --allow-host-service-ports from services: port mappings gh-aw#23756
- The
--allow-host-service-portsflag is fully implemented in AWF (src/cli.ts:1325,containers/agent/setup-iptables.sh:239–280,src/host-iptables.ts:457–464) - Existing unit tests cover the flag in isolation (
tests/integration/host-tcp-services.test.ts,src/host-iptables.test.ts:810,src/cli-workflow.test.ts:137) - No smoke workflow currently exercises
services:port mappings end-to-end
Root Cause
The AWF repository has no smoke test that boots a real GitHub Actions service container (e.g., Redis or PostgreSQL), lets the compiler-generated $\{\{ job.services.X.ports['PORT'] }} expression resolve to a concrete port, and verifies the AWF agent can actually reach that service.
Relevant files:
.github/workflows/smoke-*.md— smoke workflow sources (compiled withgh-aw compile)containers/agent/setup-iptables.sh:239–280— whereAWF_HOST_SERVICE_PORTSis converted to per-port ACCEPT rules scoped to the host gateway IPsrc/cli.ts:705–770— port validation and auto-enable-host-access logicsrc/host-iptables.ts:457–464— host-side iptables rules for service ports
Proposed Solution
Add a new smoke workflow (e.g., .github/workflows/smoke-services.md) that:
-
Declares a
services:block with at least Redis and PostgreSQL using explicit port mappings:services: redis: image: redis:7 ports: - 6379:6379 postgres: image: postgres:15 env: POSTGRES_PASSWORD: testpass ports: - 5432:5432 ```
-
Passes compiler-generated expressions to AWF via
--allow-host-service-ports:--allow-host-service-ports "$\{\{ job.services.redis.ports['6379'] }},$\{\{ job.services.postgres.ports['5432'] }}" -
Instructs the agent (e.g., Claude or Copilot) to:
- Run
redis-cli -h localhost -p $\{\{ job.services.redis.ports['6379'] }} pingand verifyPONG - Run
pg_isready -h localhost -p $\{\{ job.services.postgres.ports['5432'] }}and verify success - No special AWF context should be given to the agent — it should use the services as any normal workflow would
- Run
-
The agent must not be told about AWF port configuration — the whole point is that the compiler handles it transparently.
Implementation steps:
- Create
.github/workflows/smoke-services.mdfollowing the pattern of existing smoke workflows - Run
gh-aw compile .github/workflows/smoke-services.mdto generate the.lock.yml - Run
npx tsx scripts/ci/postprocess-smoke-workflows.tsto post-process the lock file (replace GHCR refs with local build, perAGENTS.md) - Add the workflow to the CI matrix (or run standalone on push/schedule)
Validation:
- Smoke passes end-to-end: agent reaches Redis and PostgreSQL via
localhost awf-squidaccess log shows no blocked traffic to host gateway ports- Verifies that dangerous ports (6379, 5432) are reachable via host gateway but NOT to the open internet (existing
host-tcp-services.test.tsalready covers the negative case)
Generated by Firewall Issue Dispatcher · ◷