[FEATURE] A way to allow all local IPs in network blocking context

kiwicom / pytest-recording

A pytest plugin that allows recording network interactions via VCR.py

MIT License

441 stars 35 forks source link

[FEATURE] A way to allow all local IPs in network blocking context #74

Open Stranger6667 opened 3 years ago

Stranger6667 commented 3 years ago

Is your feature request related to a problem? Please describe. When running in docker-compose you need to resolve local services first (e.g. DB) and then pass them to --allowed-hosts.

Describe the solution you'd like Add --allow-local-ips flag to CLI + related arg to the block mark to allow requests to local IPs. Use something like ipaddress.is_local to check all IPs in such a case.

Additional context The feature & approach was proposed by @selevit

rpocase commented 3 years ago

Is there an alternative that doesn't rely on resolving hostnames to concrete IPs (or at least doesn't require manual resolution)? I have a handful of backing services that are communicated with via HTTP, but their IPs are not necessarily local (e.g. gitlab services). I would expect doing something like --allowed-hosts=backing_service1,backing_service2 to work, but I can't get past Network Blocked. However, I can resolve their IPs at run time in my test bench and pass them to block_network

selevit commented 3 years ago

@rpocase, there is a different ticket for hostname resolving - #40.

BTW, python ipaddress.is_private function, will most likely consider your gitlab services as local ip addresses, as they should relate to the same docker network. @Stranger6667, I think we can replace ipaddress.is_local to ipaddress.is_private in the ticket description.

https://docs.python.org/3.9/library/ipaddress.html#ipaddress.IPv4Address.is_private