@@ -53,7 +53,7 @@ class TestEgressSidecarViaApply:
5353
5454 def test_builds_container_with_basic_config (self ):
5555 """Test that container is built with correct basic configuration."""
56- egress_image = "opensandbox/egress:v1.0.3 "
56+ egress_image = "opensandbox/egress:v1.0.4 "
5757 network_policy = NetworkPolicy (
5858 default_action = "deny" ,
5959 egress = [
@@ -70,7 +70,7 @@ def test_builds_container_with_basic_config(self):
7070
7171 def test_contains_egress_rules_environment_variable (self ):
7272 """Test that container includes OPENSANDBOX_EGRESS_RULES environment variable."""
73- egress_image = "opensandbox/egress:v1.0.3 "
73+ egress_image = "opensandbox/egress:v1.0.4 "
7474 network_policy = NetworkPolicy (
7575 default_action = "deny" ,
7676 egress = [NetworkRule (action = "allow" , target = "example.com" )],
@@ -86,7 +86,7 @@ def test_contains_egress_rules_environment_variable(self):
8686 assert env_vars [1 ]["value" ] == EGRESS_MODE_DNS
8787
8888 def test_contains_egress_token_when_provided (self ):
89- egress_image = "opensandbox/egress:v1.0.3 "
89+ egress_image = "opensandbox/egress:v1.0.4 "
9090 network_policy = NetworkPolicy (
9191 default_action = "deny" ,
9292 egress = [NetworkRule (action = "allow" , target = "example.com" )],
@@ -103,7 +103,7 @@ def test_contains_egress_token_when_provided(self):
103103 assert env_vars [EGRESS_MODE_ENV ] == EGRESS_MODE_DNS
104104
105105 def test_egress_mode_dns_nft (self ):
106- egress_image = "opensandbox/egress:v1.0.3 "
106+ egress_image = "opensandbox/egress:v1.0.4 "
107107 network_policy = NetworkPolicy (
108108 default_action = "deny" ,
109109 egress = [NetworkRule (action = "allow" , target = "example.com" )],
@@ -120,7 +120,7 @@ def test_egress_mode_dns_nft(self):
120120
121121 def test_serializes_network_policy_correctly (self ):
122122 """Test that network policy is correctly serialized to JSON."""
123- egress_image = "opensandbox/egress:v1.0.3 "
123+ egress_image = "opensandbox/egress:v1.0.4 "
124124 network_policy = NetworkPolicy (
125125 default_action = "deny" ,
126126 egress = [
@@ -145,7 +145,7 @@ def test_serializes_network_policy_correctly(self):
145145
146146 def test_handles_empty_egress_rules (self ):
147147 """Test that empty egress rules are handled correctly."""
148- egress_image = "opensandbox/egress:v1.0.3 "
148+ egress_image = "opensandbox/egress:v1.0.4 "
149149 network_policy = NetworkPolicy (
150150 default_action = "allow" ,
151151 egress = [],
@@ -161,7 +161,7 @@ def test_handles_empty_egress_rules(self):
161161
162162 def test_handles_missing_default_action (self ):
163163 """Test that missing default_action is handled (exclude_none=True)."""
164- egress_image = "opensandbox/egress:v1.0.3 "
164+ egress_image = "opensandbox/egress:v1.0.4 "
165165 network_policy = NetworkPolicy (
166166 egress = [NetworkRule (action = "allow" , target = "example.com" )],
167167 )
@@ -176,7 +176,7 @@ def test_handles_missing_default_action(self):
176176
177177 def test_security_context_adds_net_admin_not_privileged (self ):
178178 """Egress sidecar uses NET_ADMIN only (IPv6 is disabled in execd init when egress is on)."""
179- egress_image = "opensandbox/egress:v1.0.3 "
179+ egress_image = "opensandbox/egress:v1.0.4 "
180180 network_policy = NetworkPolicy (
181181 default_action = "deny" ,
182182 egress = [],
@@ -190,14 +190,14 @@ def test_security_context_adds_net_admin_not_privileged(self):
190190
191191 def test_no_command_uses_image_entrypoint (self ):
192192 container = _egress_container (
193- "opensandbox/egress:v1.0.3 " ,
193+ "opensandbox/egress:v1.0.4 " ,
194194 NetworkPolicy (default_action = "deny" , egress = []),
195195 )
196196 assert "command" not in container
197197
198198 def test_container_spec_is_valid_kubernetes_format (self ):
199199 """Test that returned container spec is in valid Kubernetes format."""
200- egress_image = "opensandbox/egress:v1.0.3 "
200+ egress_image = "opensandbox/egress:v1.0.4 "
201201 network_policy = NetworkPolicy (
202202 default_action = "deny" ,
203203 egress = [NetworkRule (action = "allow" , target = "example.com" )],
@@ -218,7 +218,7 @@ def test_container_spec_is_valid_kubernetes_format(self):
218218
219219 def test_handles_wildcard_domains (self ):
220220 """Test that wildcard domains in egress rules are handled correctly."""
221- egress_image = "opensandbox/egress:v1.0.3 "
221+ egress_image = "opensandbox/egress:v1.0.4 "
222222 network_policy = NetworkPolicy (
223223 default_action = "deny" ,
224224 egress = [
@@ -264,7 +264,7 @@ def test_adds_egress_sidecar_container(self):
264264 default_action = "deny" ,
265265 egress = [NetworkRule (action = "allow" , target = "example.com" )],
266266 )
267- egress_image = "opensandbox/egress:v1.0.3 "
267+ egress_image = "opensandbox/egress:v1.0.4 "
268268
269269 apply_egress_to_spec (
270270 containers ,
@@ -283,7 +283,7 @@ def test_does_not_touch_unrelated_pod_state(self):
283283 default_action = "deny" ,
284284 egress = [NetworkRule (action = "allow" , target = "example.com" )],
285285 )
286- egress_image = "opensandbox/egress:v1.0.3 "
286+ egress_image = "opensandbox/egress:v1.0.4 "
287287
288288 apply_egress_to_spec (
289289 containers ,
@@ -308,7 +308,7 @@ def test_preserves_existing_pod_sysctls_when_not_passed_in(self):
308308 default_action = "deny" ,
309309 egress = [NetworkRule (action = "allow" , target = "example.com" )],
310310 )
311- egress_image = "opensandbox/egress:v1.0.3 "
311+ egress_image = "opensandbox/egress:v1.0.4 "
312312
313313 apply_egress_to_spec (
314314 containers ,
@@ -330,7 +330,7 @@ def test_no_op_when_no_network_policy(self):
330330 apply_egress_to_spec (
331331 containers ,
332332 None ,
333- "opensandbox/egress:v1.0.3 " ,
333+ "opensandbox/egress:v1.0.4 " ,
334334 )
335335
336336 assert len (containers ) == 0
0 commit comments