Skip to content

[Test Coverage] config-writer, agent-options, host-env branch coverage#5980

Merged
lpcox merged 1 commit into
mainfrom
test/coverage-new-branches-2026-07-07-0fb845dc7a57aa89
Jul 7, 2026
Merged

[Test Coverage] config-writer, agent-options, host-env branch coverage#5980
lpcox merged 1 commit into
mainfrom
test/coverage-new-branches-2026-07-07-0fb845dc7a57aa89

Conversation

@github-actions

@github-actions github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Summary

Adds 19 new tests covering previously-uncovered branches in three security-critical source files.

Files changed

src/config-writer-new-branches.test.ts (new)

Covers branches in src/config-writer.ts using a standalone fs mock:

Branch Line(s) Description
validateAndPrepareWorkDir non-dir guard 58 Throws when workDir exists but is not a directory
copySeccompProfile alt-path 95–97 Copies seccomp profile from dist-relative fallback path
copySeccompProfile missing both paths 100+ Throws with clear message when neither path exists
writeAuditArtifacts non-dir guard 162 Throws when auditDir exists but is not a directory

src/coverage-new-branches.test.ts (new)

Covers branches in src/commands/validators/agent-options.ts and src/host-env.ts:

Branch Line(s) Description
validateAgentOptions env success 45 Sets additionalEnv on successful parse
validateAgentOptions invalid env 39 process.exit(1) on invalid env var format
validateAgentOptions missing envFile 50 process.exit(1) when --env-file does not exist
validateAgentOptions mount success 67–68 Sets volumeMounts on successful parse
validateAgentOptions invalid mount 62 process.exit(1) on invalid volume mount
validateAgentOptions enableDlp 141 Logs DLP info and returns successfully
stripScheme URL error 81 Returns trimmed value when URL constructor throws

Coverage impact

These tests target the specific uncovered lines/branches reported by the coverage run:

  • src/config-writer.ts: branches at lines 57, 79, 94, 161
  • src/commands/validators/agent-options.ts: branches at lines 39, 50, 62, 140
  • src/host-env.ts: branch at line 72 (catch path)

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Test Coverage Improver · 226.8 AIC · ⊞ 5.3K ·

Cover previously-uncovered code paths:

src/config-writer.ts:
- validateAndPrepareWorkDir: throws when workDir is not a directory (line 58)
- copySeccompProfile: copies from alt path when primary is missing (lines 95-97)
- copySeccompProfile: throws when neither path exists
- writeAuditArtifacts: throws when auditDir is not a directory (line 162)

src/commands/validators/agent-options.ts:
- env success path (additionalEnv assignment, line 45)
- invalid env var format (branch 39 — process.exit)
- missing envFile (branch 50 — process.exit)
- valid mount path (lines 67-68)
- invalid mount format (branch 62 — process.exit)
- enableDlp log path (line 141, branch 140)

src/host-env.ts:
- stripScheme: catch branch when URL constructor throws (line 81)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@lpcox lpcox marked this pull request as ready for review July 7, 2026 12:11
Copilot AI review requested due to automatic review settings July 7, 2026 12:11

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds targeted Jest tests to increase branch/line coverage for previously-uncovered paths in security-critical modules (config-writer, validateAgentOptions, and stripScheme) without changing production behavior.

Changes:

  • Adds src/config-writer-new-branches.test.ts to cover config-writer guard/fallback branches (non-directory workDir/auditDir, seccomp fallback and missing-profile error).
  • Adds src/coverage-new-branches.test.ts to cover validateAgentOptions env/mount/envFile branches and stripScheme catch-path behavior.
Show a summary per file
File Description
src/coverage-new-branches.test.ts Adds branch-coverage tests for stripScheme and validateAgentOptions (env/mount/envFile/DLP branches).
src/config-writer-new-branches.test.ts Adds branch-coverage tests for config-writer workdir hardening, seccomp profile copy fallbacks, and audit-dir guards using a dedicated fs mock.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 2/2 changed files
  • Comments generated: 0
  • Review effort level: Low

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

✅ Copilot review passed with no inline comments.

@github-actions[bot] Add the ready-for-aw label to this PR to trigger agentic CI smoke tests.

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Claude passed

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

🔑 Smoke Copilot PAT PAT auth validated. All systems operational. ✅

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

🔌 Smoke Services — All services reachable! ✅

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

🚀 Security Guard has started processing this pull request

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Contribution Check completed successfully!

PR #5980 follows the applicable CONTRIBUTING.md guidelines: it adds tests only, includes clear PR details, and places test files alongside source under src/. No contribution-guidelines comment needed.

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Chroot tests failed Smoke Chroot failed - See logs for details.

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Copilot BYOK AOAI (Entra) reports failed. AOAI BYOK (Entra) mode investigation needed...

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Copilot BYOK completed. Copilot BYOK mode operational. 🔓

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Build Test Suite completed successfully!

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Copilot BYOK AOAI (api-key) reports failed. AOAI BYOK (api-key) mode investigation needed...

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

📡 Smoke OTel Tracing completed. All tracing scenarios validated. ✅

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Gemini completed. All facets verified. 💎

Smoke test completed with failures. See PR comment for details.

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

✅ Coverage Check Passed

Overall Coverage

Metric Base PR Delta
Lines 98.82% 99.00% 📈 +0.18%
Statements 98.76% 98.95% 📈 +0.19%
Functions 99.72% 99.72% ➡️ +0.00%
Branches 95.19% 95.41% 📈 +0.22%
📁 Per-file Coverage Changes (3 files)
File Lines (Before → After) Statements (Before → After)
src/host-env.ts 95.9% → 98.0% (+2.04%) 94.1% → 98.0% (+3.92%)
src/config-writer.ts 91.4% → 96.8% (+5.38%) 91.4% → 96.8% (+5.38%)
src/commands/validators/agent-options.ts 93.0% → 100.0% (+7.02%) 93.0% → 100.0% (+7.02%)

Coverage comparison generated by scripts/ci/compare-coverage.ts

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Test: Claude Engine Validation

Check Result
API Status ✅ PASS
GH Check ✅ PASS
File Status ✅ PASS

Overall Result: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Smoke Claude for #5980 · 35.5 AIC · ⊞ 5.8K ·
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Test Results

Test Result
GitHub MCP
GitHub.com HTTP ✅ 200
File Write/Read ⚠️ Template vars not substituted

Overall: PASS (core connectivity verified)

Author: @lpcox

Note: Pre-step template variables were not interpolated in agent context.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

📰 BREAKING: Report filed by Smoke Copilot
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Test: GitHub Actions Services Connectivity

  • Redis PING: ❌ Network is unreachable
  • PostgreSQL pg_isready: ❌ No response
  • PostgreSQL SELECT 1: ❌ Network is unreachable

Overall: FAILhost.docker.internal (172.17.0.1) is unreachable from this environment. Service containers may not be running or the network bridge is not available.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔌 Service connectivity validated by Smoke Services
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Test: Copilot PAT Auth — PASS ✅

Test Result
GitHub.com connectivity (HTTP 200)
File write/read (smoke-test-copilot-pat-28866182561.txt)
GitHub MCP connectivity

Auth mode: PAT (COPILOT_GITHUB_TOKEN)
CC: @lpcox
Overall: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔑 PAT report filed by Smoke Copilot PAT
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Test: Copilot BYOK (Direct) — PASS

Running in direct BYOK mode (COPILOT_PROVIDER_API_KEY) via api-proxy → api.githubcopilot.com

Test Result
GitHub MCP connectivity
GitHub.com connectivity (HTTP 200)
File write/read test
BYOK inference test

Overall: PASS@lpcox

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔑 BYOK report filed by Smoke Copilot BYOK
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Test Results: Gemini Engine Validation

  • GitHub MCP Testing: ❌ (Tools not found/Unauthorized)
  • GitHub.com Connectivity: ❌ (HTTP 000/Connection Failed)
  • File Writing Testing: ✅ (Success)
  • Bash Tool Testing: ✅ (Success)

Overall Status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • localhost

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "localhost"

See Network Configuration for more information.

💎 Faceted by Smoke Gemini
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

🏗️ Build Test Suite Results

Ecosystem Project Build/Install Tests Status
Bun elysia 1/1 passed ✅ PASS
Bun hono 1/1 passed ✅ PASS
C++ fmt N/A ✅ PASS
C++ json N/A ✅ PASS
Deno oak N/A 1/1 passed ✅ PASS
Deno std N/A 1/1 passed ✅ PASS
.NET hello-world N/A ✅ PASS
.NET json-parse N/A ✅ PASS
Go color 1/1 passed ✅ PASS
Go env 1/1 passed ✅ PASS
Go uuid 1/1 passed ✅ PASS
Java gson 1/1 passed ✅ PASS
Java caffeine 1/1 passed ✅ PASS
Node.js clsx 1/1 passed ✅ PASS
Node.js execa 1/1 passed ✅ PASS
Node.js p-limit 1/1 passed ✅ PASS
Rust fd 1/1 passed ✅ PASS
Rust zoxide 1/1 passed ✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Build Test Suite for #5980 · 80.4 AIC · ⊞ 6.9K ·
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

📡 Smoke Test: API Proxy OpenTelemetry Tracing

Scenario Status Notes
Module Loading ✅ Pass otel.js loaded; exports: startRequestSpan, setTokenAttributes, setBudgetAttributes, endSpan, endSpanError, shutdown, isEnabled
Test Suite ✅ Pass 59 tests passed across 2 suites (otel.test.js, otel-fanout.test.js)
Env Var Forwarding ⚠️ Expected (dev) Step checks api-proxy-service.ts; OTEL vars are in api-proxy-env-config.ts — expected during development
Token Tracker Integration ✅ Pass onUsage callback exists in token-tracker-http.js as the OTEL hook point
OTEL Diagnostics i️ No spans No span file found — no endpoint configured during test run (graceful degradation working)

Overall: ✅ All scenarios pass or are expected-pending during development. OTEL tracing integration is functioning correctly.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

📡 OTel tracing validated by Smoke OTel Tracing
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Smoke Test

  • fix: harden log directory management for ARC/DinD and rootless Docker
  • fix: tolerate EROFS when chmod on pre-existing mcp-logs dir fails
  • GitHub PR list
  • Playwright GitHub title
  • Build
  • Overall: FAIL

Warning

Firewall blocked 2 domains

The following domains were blocked by the firewall during workflow execution:

  • awmgmcpg
  • registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"
    - "registry.npmjs.org"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex
Add label ready-for-aw to run again

@lpcox lpcox merged commit 01b3d73 into main Jul 7, 2026
85 of 89 checks passed
@lpcox lpcox deleted the test/coverage-new-branches-2026-07-07-0fb845dc7a57aa89 branch July 7, 2026 12:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants