test: push coverage from 76.1% to 90.1%#1
Merged
Merged
Conversation
Adds four new test files covering previously-uncovered branches in plugin_allowlist.go, uninstall.go, skillinject.go, manifest.go, and config.go. Focus areas: - snapshot + .pilot-bak + verify happy & rollback paths in mergePluginAllowList (Iter-2 audit's surviving real items) - removePluginAllowListEntry matrix (restore from backup, inverse merge, orphan bak cleanup, malformed config refusal, directory-as-config-path error) - loadManifestForUninstall (network / cached fallback / no-cache / garbage-cache / Uninstall error propagation) - manifest validation errors (wrong version, missing entrypoint, no tools, HTTP error, NewRequestWithContext error) - Tick edge cases (disabled-by-config short-circuit, entrypoint fetch fail, heartbeat fetch fail, heartbeat render fail) - Service Start/Stop lifecycle (graceful + ctx-deadline branch) - Run loop cancellation - writeHelper/writeFile/writeMarker permission and target-as-dir paths - micro-branches in walkObject / allowListContains / entryEnabled / verifyMarshalRoundTrip / classifyPluginAllowList All file I/O via t.TempDir(). Permission-based tests skip when running as root. Race-detector clean.
Welcome to Codecov 🎉Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests. ℹ️ You can also turn on project coverage checks and project coverage reporting on Pull Request comment Thanks for integrating Codecov - We've got you covered ☂️ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Bumps statement coverage from 76.1% → 90.1% by adding four new
*_test.gofiles that target previously-uncovered branches. Noproduction code changed.
Iter-2 audit follow-through
The audit flagged: skillinject symlink TOCTOU (downgraded to
FALSE_POSITIVE by the verification pass —
originalBytesis animmutable in-memory snapshot), snapshot rollback paths,
.pilot-bakhandling, and cross-process file lock. This PR pins tests on the
real items: the snapshot+swap+verify happy path AND the rollback
machinery, plus
.pilot-baklifecycle (preferred-restore detection,inverse-merge fallback, orphan cleanup, 0o600 file mode).
Coverage gaps closed
mergePluginAllowList64% → 72% (null-JSON re-init, disk errorsurfacing via reconcile outcome)
removePluginAllowListEntry25% → 81% (full path matrix)loadManifestForUninstall27% → 100% (network/cache/no-cache/garbage)fetchManifest77% → 100% (validation errors)Tick83% → 90% (disabled short-circuit, entrypoint/heartbeat fetchStop86% → 100% (graceful + ctx-deadline branches)logTick43% → 100% (nil, error, non-nil report)classifyPluginFile/classifyPluginAllowList/verifyOnDiskResult/
verifyMarshalRoundTripmicro-branchesCeiling lines (why 90% and not 100%)
Remaining gaps are operationally-unreachable defensive branches:
os.Rename/os.WriteFile/os.MkdirAll/os.Chmoderrorreturns inside well-formed atomic write paths
json.Marshalerrors onmap[string]any(only containsJSON-marshalable primitives)
walkObject len(parts)==0(strings.Split never returns empty)ensureAllowListEntry/EntryEnabled parent==nil(walkObject withcreate=true always materializes)
mergePluginAllowListpost-write rollback (needs in-process FSfault injection between rename and read-back; the unit-level
machinery —
verifyOnDiskResultfailure +writeFileAtomicrestore — is exercised directly in
TestRollbackMachinery_RestoreFromInMemorySnapshot)Pushing past 90% would require monkey-patching
osor addingindirection that costs more in fragility than it buys in confidence.
Test plan
go test -race -count=1 -timeout 180s ./...passes*_test.goonlyt.TempDir(); permission-based tests skipwhen euid==0