[Test Coverage] Improve test coverage for config-writer and logs-command-helpers#5713
Conversation
- config-writer.ts: 84.94% → 91.39% statements
- Add SSL Bump success path test (covers initSslDb call + success log messages)
- logs-command-helpers.ts: 88.52% → 96.72% statements
- New test file: src/commands/logs-command-helpers.test.ts
- findPolicyManifestForSource: null for running sources, null for missing path,
manifest found at source.path, AWF_AUDIT_DIR candidate inclusion
- runLogsCommand: policy manifest enrichment path (loadAllLogs, enrichWithPolicyRules,
computeRuleStats all called when manifest is co-located with log source)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Improves branch/line coverage for two security-critical code paths: SSL Bump initialization in config-writer and policy-manifest–aware enrichment in logs-command-helpers, by adding targeted Jest tests for previously uncovered branches.
Changes:
- Extend
src/config-writer-branches.test.tsto exercise the SSL Bump initialization success path (includinginitSslDbbeing invoked). - Add
src/commands/logs-command-helpers.test.tsto coverfindPolicyManifestForSourcecandidate selection/early returns and therunLogsCommandenrichment path when a manifest is available.
Show a summary per file
| File | Description |
|---|---|
| src/config-writer-branches.test.ts | Adds a success-path test for SSL Bump initialization and asserts initSslDb is called. |
| src/commands/logs-command-helpers.test.ts | New tests covering policy-manifest discovery fallbacks and verifying the enrichment branch is executed in runLogsCommand. |
Review details
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 2/2 changed files
- Comments generated: 1
- Review effort level: Low
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
|
❌ Smoke Copilot BYOK AOAI (Entra) reports failed. AOAI BYOK (Entra) mode investigation needed... |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
🚀 Security Guard has started processing this pull request |
|
✅ Smoke Claude passed |
|
✅ Build Test Suite completed successfully! |
|
✅ Contribution Check completed successfully! Contribution guidelines check complete for PR #5713: the changes are test-only, include appropriate tests alongside source files, use the expected src/ organization, and have a clear PR description. No comment needed. |
|
📡 Smoke OTel Tracing completed. All tracing scenarios validated. ✅ |
|
🔌 Smoke Services — All services reachable! ✅ |
|
✅ Smoke Copilot BYOK AOAI (api-key) completed. Copilot AOAI BYOK (api-key) mode operational. 🔓 |
|
🔑 Smoke Copilot PAT PAT auth validated. All systems operational. ✅ |
|
Chroot tests passed! Smoke Chroot - All security and functionality tests succeeded. |
|
✅ Smoke Copilot BYOK completed. Copilot BYOK mode operational. 🔓 |
|
✅ Smoke Gemini completed. All facets verified. 💎 |
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
✅ Coverage Check PassedOverall Coverage
📁 Per-file Coverage Changes (3 files)
Coverage comparison generated by |
Smoke Test: Claude Engine Validation
Overall result: PASS
|
Smoke Test: Copilot BYOK (Direct) Mode ✅All tests passed at 2026-06-30 13:56:46 UTC
Mode: Direct BYOK (COPILOT_PROVIDER_API_KEY) with credential injection via sidecar Result: PASS
|
🔥 Smoke Test Results — Auth mode: PAT (COPILOT_GITHUB_TOKEN)PR: [Test Coverage] Improve test coverage for config-writer and logs-command-helpers (
Overall: PASS
|
🔥 Smoke Test Results
PR: [Test Coverage] Improve test coverage for config-writer and logs-command-helpers Overall: PASS (MCP ✅, connectivity ✅, pre-step data not substituted)
|
|
Smoke test:
|
🔭 Smoke Test: API Proxy OpenTelemetry Tracing
All 5 scenarios pass. OTEL tracing integration is fully operational.
|
Chroot Version Comparison Results
Overall: ❌ Not all tests passed — Python and Node.js versions differ between host and chroot environments.
|
Smoke Test: Services Connectivity
Overall: FAIL — GitHub Actions service containers appear unreachable from this runner environment.
|
🏗️ Build Test Suite Results
Overall: 8/8 ecosystems passed — ✅ PASS
|
Smoke Test Results
Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "localhost"See Network Configuration for more information.
|
|
Running in direct BYOK mode (COPILOT_PROVIDER_API_KEY + COPILOT_PROVIDER_BASE_URL) via api-proxy → Azure OpenAI (Foundry, o4-mini-aw)
|
|
Smoke Test Results:
Running in direct BYOK mode (AWF_AUTH_TYPE=github-oidc + AWF_AUTH_AZURE_* + COPILOT_PROVIDER_BASE_URL) via api-proxy → Azure OpenAI (Foundry, o4-mini-aw) authenticated via Microsoft Entra PASS
|
Covers two security-critical files that were identified as below target coverage.
Changes
src/config-writer-branches.test.ts(modified)initSslDbbeing called, and thelogger.info/logger.warnmessages emitted after a successful CA generation.initSslDbfrom the ssl-bump mock to enable assertions.src/commands/logs-command-helpers.test.ts(new)Tests for two uncovered branches in
logs-command-helpers.ts:findPolicyManifestForSource:nullfor arunningsource (type guard)nullwhensource.pathisundefinednullwhen no manifest file exists at any candidate pathsource.path/policy-manifest.jsonAWF_AUDIT_DIR/policy-manifest.jsonto candidates when the env var is setrunLogsCommand— enrichment path:loadAllLogs,enrichWithPolicyRules, andcomputeRuleStatsare all called whenfindPolicyManifestForSourcereturns a non-null manifest co-located with the log sourceCoverage Impact
src/config-writer.tssrc/commands/logs-command-helpers.ts