feat: adding network policies oo concepts

[dines-rl]

CodeAnt-AI Description

Add NetworkPolicy object API and improve SDK smoke tests and polling behavior

What Changed

• SDK exposes a NetworkPolicy object and networkPolicy operations to create, list, retrieve, update, and delete network policies, allowing callers to manage egress rules from the SDK and work with policy instances (getInfo, update, delete).
• Added comprehensive smoke tests covering NetworkPolicy lifecycle, egress configurations, retrieval by ID, and update scenarios.
• Blueprint and Devbox smoke tests now support longer build/polling timeouts and new blueprint build_context_dir usage to allow creating blueprints from a local directory; Devbox tests include an edge case for empty mounts.
• Storage object tests added an inline-mount format test so storage objects can be mounted by passing the object directly in mounts.
• Polling behavior changed: maxAttempts defaults to unlimited (no implicit attempt cap) and logic adjusted to respect an explicit maxAttempts; tests updated and new longer timeout constants added.
• Minor test tooling dependency bumps for Jest and ts-node.

Impact

✅ Manage network policies from the SDK
✅ Reliable blueprint builds with longer polling for slow builds
✅ Fewer manual steps to mount storage objects and configure devbox/network policies

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

[codeant-ai]

CodeAnt AI is reviewing your PR.

---

Thanks for using CodeAnt! 🎉

We're free for open-source projects. if you're enjoying it, help us grow by sharing.

Share on X ·
Reddit ·
LinkedIn

[codeant-ai]

CodeAnt AI finished reviewing your PR.

[dines-rl]

Smoke tests fail as this is not yet in prod

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	86.33%	100%	❌
Lines	79.31%	-	ℹ️
Branches	45.91%	-	ℹ️
Statements	78.08%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	88.19%	100%	❌
Lines	80.65%	-	ℹ️
Branches	45.91%	-	ℹ️
Statements	79.37%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	88.19%	100%	❌
Lines	80.65%	-	ℹ️
Branches	45.91%	-	ℹ️
Statements	79.37%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	89.44%	100%	❌
Lines	82.37%	-	ℹ️
Branches	54.08%	-	ℹ️
Statements	81.03%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	93.78%	100%	❌
Lines	83.9%	-	ℹ️
Branches	52.83%	-	ℹ️
Statements	82.5%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

✅ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	100%	100%	✅
Lines	87.73%	-	ℹ️
Branches	65.4%	-	ℹ️
Statements	86.18%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

✅ All tests passed and all object methods are covered!

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[codeant-ai]

CodeAnt AI is running Incremental review

---

Thanks for using CodeAnt! 🎉

We're free for open-source projects. if you're enjoying it, help us grow by sharing.

Share on X ·
Reddit ·
LinkedIn

[codeant-ai]

Suggestion: The lifecycle tests rely on the "create network policy" test to initialize shared state (policy and policyId), so running any of the later tests in isolation (e.g., via a focused test.only) will cause them to dereference an undefined policy, making the suite order-dependent and flaky; moving the creation into a beforeAll and letting the test only assert on that state makes each test robust. [logic error]

Severity Level: Critical 🚨

- ❌ CI flaky tests failing when tests run in isolation.
- ⚠️ Developer productivity slowed by ordering-dependent tests.
- ⚠️ Smoke test suite unstable across parallel runners.

Suggested change

	test(
	'create network policy',
	async () => {
	policy = await sdk.networkPolicy.create({
	name: uniqueName('sdk-network-policy'),
	allow_all: false,
	allowed_hostnames: ['github.com', '*.npmjs.org'],
	allow_devbox_to_devbox: false,
	description: 'Test network policy',
	});
	expect(policy).toBeDefined();
	expect(policy.id).toBeTruthy();
	policyId = policy.id;
	beforeAll(async () => {
	policy = await sdk.networkPolicy.create({
	name: uniqueName('sdk-network-policy'),
	allow_all: false,
	allowed_hostnames: ['github.com', '*.npmjs.org'],
	allow_devbox_to_devbox: false,
	description: 'Test network policy',
	});
	policyId = policy.id;
	});
	test(
	'create network policy',
	async () => {
	expect(policy).toBeDefined();
	expect(policy!.id).toBeTruthy();

Steps of Reproduction ✅

1. Run the test file focused on a later test (e.g., use `test.only` on `get network policy
info`) in `tests/smoketests/object-oriented/network-policy.test.ts:40` (the "get network
policy info" test). The file expects `policy` to be defined by the "create network policy"
test at `:23-38`. Since create wasn't executed, `policy` is undefined and the test
dereferences it at `:42` (`const info = await policy!.getInfo();`), causing an immediate
failure.

2. Reproduce locally by editing `tests/smoketests/object-oriented/network-policy.test.ts`
to add `.only` to any test after the create test (for example line 40) and run `yarn test
tests/smoketests/object-oriented/network-policy.test.ts`. Observe the failure originates
from the missing creation step referenced above.

3. Confirm in CI by configuring the runner to run a single test file or using
`--testNamePattern` to execute one of the later tests; the suite will fail because shared
state initialization is inside a different test instead of test lifecycle hooks
(`beforeAll`).

4. The proposed improvement moves creation into `beforeAll` (test file top-level lifecycle
at the same file) so each test in the suite can assume `policy` is present even when tests
are executed in isolation. This directly removes the order dependency demonstrated in
steps 1-3.

Prompt for AI Agent 🤖

This is a comment left during a code review.

**Path:** tests/smoketests/object-oriented/network-policy.test.ts
**Line:** 23:35
**Comment:**
	*Logic Error: The lifecycle tests rely on the "create network policy" test to initialize shared state (`policy` and `policyId`), so running any of the later tests in isolation (e.g., via a focused `test.only`) will cause them to dereference an undefined `policy`, making the suite order-dependent and flaky; moving the creation into a `beforeAll` and letting the test only assert on that state makes each test robust.

Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise.

[alb-rl]

this is a flaw on many of the tests

[codeant-ai]

CodeAnt AI Incremental review completed.

[alb-rl]

when would maxAttempts be undefined? If it is, can we set a default on it

[alb-rl]

can we abstract this into a helper function? like cleanUpPolicy or something

[alb-rl]

need a devbox test with network policy id

[alb-rl]

need bpt tests with network_policy_id for build and also for launch_parameters

[alb-rl]

this is a flaw on many of the tests

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	98.75%	100%	❌
Lines	86.97%	-	ℹ️
Branches	65.4%	-	ℹ️
Statements	85.45%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

✅ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	100%	100%	✅
Lines	87.73%	-	ℹ️
Branches	65.4%	-	ℹ️
Statements	86.18%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

✅ All tests passed and all object methods are covered!

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

✅ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	100%	100%	✅
Lines	87.73%	-	ℹ️
Branches	65.4%	-	ℹ️
Statements	86.18%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

✅ All tests passed and all object methods are covered!

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	99.37%	100%	❌
Lines	87.54%	-	ℹ️
Branches	65.4%	-	ℹ️
Statements	86%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run