@devantler
Collaborator

Enhance test coverage by adding various test cases. This change aims to improve reliability and maintainability of the codebase.

Signed-off-by: Nikolai Emil Damm <[email protected]>
@devantler devantler self-assigned this Jan 17, 2026
@github-project-automation github-project-automation bot moved this to 🏃🏻‍♂️ In Progress in 🌊 Project Board Jan 17, 2026
@github-actions
Contributor

github-actions bot commented Jan 17, 2026

⚠️ MegaLinter analysis: Success with warnings

⚠️ REPOSITORY / checkov - 1 error
2026-01-18 15:23:41,119 [MainThread  ] [ERROR]  Failed to invoke function /venvs/checkov/lib/python3.13/site-packages/checkov/common/runners/object_runner.<lambda> with ./.github/workflows/daily-qa.lock.yml
Traceback (most recent call last):
  File "/venvs/checkov/lib/python3.13/site-packages/checkov/github_actions/utils.py", line 79, in is_schema_valid
    validate(config_dict, gha_schema)
    ~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/venvs/checkov/lib/python3.13/site-packages/jsonschema/validators.py", line 1332, in validate
    raise error
jsonschema.exceptions.ValidationError: Additional properties are not allowed ('concurrency', 'jobs', 'on', 'permissions', 'run-name' were unexpected)

Failed validating 'additionalProperties' in schema:

(Truncated to 10000 characters out of 2259459)
⚠️ REPOSITORY / grype - 3 errors
[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
NAME                          INSTALLED  FIXED IN  TYPE       VULNERABILITY        SEVERITY  EPSS           RISK   
@anthropic-ai/claude-code     1.0.128    2.0.31    npm        GHSA-7mv8-j34q-vp7q  High      < 0.1% (26th)  < 0.1  
github.com/anchore/grype      v0.95.0    0.104.1   go-module  GHSA-6gxw-85q2-q646  High      < 0.1% (3rd)   < 0.1  
github.com/nwaples/rardecode  v1.1.3               go-module  GHSA-rwvp-r38j-9rgg  Medium    < 0.1% (2nd)   < 0.1
[0039] ERROR discovered vulnerabilities at or above the severity threshold
⚠️ MARKDOWN / markdownlint - 1 error
.github/workflows/update-docs.md:127 error MD028/no-blanks-blockquote Blank line inside blockquote
⚠️ REPOSITORY / trivy - 1 error
2026-01-18T15:25:28Z	INFO	[vulndb] Need to update DB
2026-01-18T15:25:28Z	INFO	[vulndb] Downloading vulnerability DB...
2026-01-18T15:25:28Z	INFO	[vulndb] Downloading artifact...	repo="mirror.gcr.io/aquasec/trivy-db:2"
2026-01-18T15:25:32Z	INFO	[vulndb] Artifact successfully downloaded	repo="mirror.gcr.io/aquasec/trivy-db:2"
2026-01-18T15:25:32Z	INFO	[vuln] Vulnerability scanning is enabled
2026-01-18T15:25:32Z	INFO	[misconfig] Misconfiguration scanning is enabled
2026-01-18T15:25:32Z	INFO	[misconfig] Need to update the checks bundle
2026-01-18T15:25:32Z	INFO	[misconfig] Downloading the checks bundle...
2026-01-18T15:25:33Z	INFO	[npm] To collect the license information of packages, "npm install" needs to be performed beforehand	dir="docs/node_modules"
2026-01-18T15:25:37Z	INFO	Suppressing dependencies for development and testing. To display them, try the '--include-dev-deps' flag.
2026-01-18T15:25:37Z	INFO	Number of language-specific files	num=3
2026-01-18T15:25:37Z	INFO	[gomod] Detecting vulnerabilities...
2026-01-18T15:25:38Z	INFO	[npm] Detecting vulnerabilities...
2026-01-18T15:25:38Z	INFO	Detected config files	num=4

Report Summary

┌─────────────────────────────────────────────────┬────────────┬─────────────────┬───────────────────┐
│                     Target                      │    Type    │ Vulnerabilities │ Misconfigurations │
├─────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ .github/scripts/generate-schema/go.mod          │   gomod    │        0        │         -         │
├─────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ docs/package-lock.json                          │    npm     │        1        │         -         │
├─────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ go.mod                                          │   gomod    │        2        │         -         │
├─────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ .github/fixtures/reconcile-test/deployment.yaml │ kubernetes │        -        │         0         │
├─────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ .github/fixtures/reconcile-test/namespace.yaml  │ kubernetes │        -        │         0         │
├─────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ Dockerfile                                      │ dockerfile │        -        │         0         │
├─────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ pkg/io/config-manager/talos/Dockerfile          │ dockerfile │        -        │         2         │
└─────────────────────────────────────────────────┴────────────┴─────────────────┴───────────────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/docs/v0.68/guide/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


docs/package-lock.json (npm)
============================
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

┌───────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│          Library          │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                            Title                            │
├───────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ @anthropic-ai/claude-code │ CVE-2025-64755 │ HIGH     │ fixed  │ 1.0.128           │ 2.0.31        │ @anthropic-ai/claude-code has Sed Command Validation Bypass │
│                           │                │          │        │                   │               │ that Allows Arbitrary File Writes                           │
│                           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-64755                  │
└───────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

go.mod (gomod)
==============
Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0)

┌──────────────────────────────┬────────────────┬──────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│           Library            │ Vulnerability  │ Severity │  Status  │ Installed Version │ Fixed Version │                            Title                            │
├──────────────────────────────┼────────────────┼──────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ github.com/anchore/grype     │ CVE-2025-65965 │ HIGH     │ fixed    │ v0.95.0           │ 0.104.1       │ Grype has a credential disclosure vulnerability in its JSON │
│                              │                │          │          │                   │               │ output                                                      │
│                              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-65965                  │
├──────────────────────────────┼────────────────┼──────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ github.com/nwaples/rardecode │ CVE-2025-11579 │ MEDIUM   │ affected │ v1.1.3            │               │ github.com/nwaples/rardecode: RarDecode Out Of Memory Crash │
│                              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-11579                  │
└──────────────────────────────┴────────────────┴──────────┴──────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

pkg/io/config-manager/talos/Dockerfile (dockerfile)
===================================================
Tests: 27 (SUCCESSES: 25, FAILURES: 2)
Failures: 2 (UNKNOWN: 0, LOW: 1, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

AVD-DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

See https://avd.aquasec.com/misconfig/ds002
────────────────────────────────────────


AVD-DS-0026 (LOW): Add HEALTHCHECK instruction in your Dockerfile
════════════════════════════════════════
You should add HEALTHCHECK instruction in your docker container images to perform the health check on running containers.

See https://avd.aquasec.com/misconfig/ds026
────────────────────────────────────────

✅ Linters with no issues

actionlint, bash-exec, git_diff, hadolint, jscpd, jsonlint, lychee, markdown-table-formatter, prettier, prettier, shellcheck, shfmt, stylelint, syft, trivy-sbom, trufflehog, v8r, v8r, yamllint

See detailed reports in MegaLinter artifacts

MegaLinter is graciously provided by OX Security

@devantler devantler changed the title Improve test coverage for Cilium and Calico installers improve test coverage Jan 17, 2026
@codecov

codecov bot commented Jan 17, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.


@devantler devantler changed the title improve test coverage chore: improve test coverage Jan 17, 2026
devantler and others added 6 commits January 18, 2026 14:37
…x installer

- Implement unit tests for marshalling and unmarshalling of nested structures in YAML marshaller.
- Enhance existing tests with cases for special characters, unicode, and negative values.
- Introduce tests for round-trip marshalling and unmarshalling for both simple and nested models.
- Create test wrappers for internal functions in the flux installer package to facilitate testing.
- Add unit tests for FluxInstance deep copy methods and ensure proper functionality.
- Implement tests for building Docker config JSON, external registry URLs, and local registry URLs.
- Validate the behavior of transient API error handling and polling until resources are ready.
- Ensure default resources are correctly handled with nil configurations.

Signed-off-by: Nikolai Emil Damm <[email protected]>
@devantler devantler marked this pull request as ready for review January 18, 2026 15:08
Copilot AI review requested due to automatic review settings January 18, 2026 15:08
@devantler devantler enabled auto-merge January 18, 2026 15:08
Contributor

Copilot AI left a comment

Pull request overview

This pull request significantly enhances test coverage across the KSail codebase by adding comprehensive unit tests for multiple packages. The changes include new test files for error handling, API types, installer components, Kubernetes utilities, I/O operations, and client packages.

Changes:

  • Added extensive unit test coverage for core packages including flux installer, CNI installers (Cilium/Calico), k8s utilities, I/O operations, and API types
  • Introduced test export files to expose internal functions for testing in several packages
  • Refactored existing test organization for better maintainability
  • Minor code cleanup including comment updates and linter exception additions

Reviewed changes

Copilot reviewed 31 out of 31 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| pkg/utils/envvar/expand_test.go | Enhanced test cases with parallel execution support and better organization |
| pkg/svc/provisioner/cluster/errors/errors_test.go | New comprehensive error validation tests |
| pkg/svc/provider/provider_test.go | New provider tests using mocks to verify functionality |
| pkg/svc/installer/flux/resources_test.go | Comprehensive flux resource builder tests |
| pkg/svc/installer/flux/fluxinstance_types_test.go | DeepCopy and type validation tests for FluxInstance |
| pkg/svc/installer/flux/export_test.go | Exports internal functions for external testing |
| pkg/svc/installer/cni/cilium/installer_test.go | Enhanced installer tests with snapshot testing |
| pkg/svc/installer/cni/calico/installer_test.go | Enhanced installer tests with snapshot testing |
| pkg/k8s/rest_config_test.go | New tests for REST config building |
| pkg/k8s/multi_resource_test.go | Tests for multi-resource waiting functionality |
| pkg/k8s/kubeconfig_test.go | Comprehensive kubeconfig cleanup tests |
| pkg/k8s/errors_test.go | Error constant validation tests |
| pkg/k8s/apiserver_test.go | API server readiness checking tests |
| pkg/io/validator/metadata_test.go | Metadata validation tests |
| pkg/io/marshaller/yaml_marshaller_test.go | Extended YAML marshalling tests including round-trip |
| pkg/io/generator/talos/generator_test.go | Extensive Talos generator tests for all patches |
| pkg/io/generator/generator_test.go | Refactored test case organization |
| pkg/io/errors_test.go | I/O error validation tests |
| pkg/io/config-manager/helpers_test.go | Added mock provider and additional test cases |
| pkg/client/oci/verifier_test.go | New OCI registry verifier tests |
| pkg/client/docker/registry_helpers_test.go | Comprehensive Docker registry helper tests |
| pkg/client/docker/export_test.go | Exports internal Docker functions for testing |
| pkg/cli/helpers/registry_test.go | Registry helper function tests |
| pkg/apis/cluster/v1alpha1/types_test.go | Extended LocalRegistry method tests |
| pkg/apis/cluster/v1alpha1/marshal_test.go | YAML/JSON marshalling and default pruning tests |
| pkg/apis/cluster/v1alpha1/enums_test.go | Comprehensive enum validation tests |
| pkg/svc/installer/flux/resources.go | Removed obsolete nolint comment |
| pkg/client/oci/verifier.go | Updated comment for clarity |
| .golangci.yml | Added linter exception for test file |

@github-project-automation github-project-automation bot moved this from 🏃🏻‍♂️ In Progress to 🚀 In Finalization in 🌊 Project Board Jan 18, 2026
Copilot AI review requested due to automatic review settings January 18, 2026 15:21
Contributor

Copilot AI left a comment

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@devantler devantler disabled auto-merge January 18, 2026 15:44
@devantler devantler added this pull request to the merge queue Jan 18, 2026
Merged via the queue into main with commit 3c183d7 Jan 18, 2026
22 of 23 checks passed
@devantler devantler deleted the test/improve-code-coverage branch January 18, 2026 15:59
@github-project-automation github-project-automation bot moved this from 🚀 In Finalization to ✅ Done in 🌊 Project Board Jan 18, 2026