Find a non-flakey way to test outbound networking blocked networks #3325
Description
#3289 disabled the best existing test because it was causing lots of CI flake. As a security feature (potentially; depending on operator intent) it is important to have regression testing for this.
I omitted tests in #3323 because they would (presumably) have had the same problems as the test disabled above. Whatever solution we come up with for that should be adapted for any other blocked networks integration.
I've never been able to pin down the exact issue here. I can sometimes reproduce it locally but it seems to be some timing-dependent race; turning on multi-threading in the tests resolved things on my local machine (or at least significantly dropped the frequency of failing) but not in CI. I think the problem must be a race between lookup_host and its outer timeout.
Example test run failure: https://github.com/spinframework/spin/actions/runs/18210279338/job/51853644488?pr=3287#step:7:2261
expected ErrorCode::ConnectionReadTimeout to match ErrorCode::DestinationIpProhibited