Prepare v0.9.0 release updates and fast coverage

[nao1215]

Summary

• add fast coverage for lifecycle signal handling, public HEAD endpoints, and CLI runtime error paths
• prepare the v0.9.0 release metadata in the changelog, Cargo files, and OpenAPI spec
• bump google-cloud-auth, google-cloud-storage, and rstest to the requested versions

Testing

• cargo test --test server_head -- --nocapture
• cargo test --lib adapters::server::lifecycle::tests -- --nocapture
• cargo test --lib adapters::cli::sign::tests -- --nocapture
• cargo test --lib adapters::cli::serve::tests -- --nocapture
• cargo metadata --locked --no-deps --format-version 1
• cargo test --locked --no-run

Summary by CodeRabbit

• New Features

  • Added support for HEAD requests with signed path-based and URL-based access.

• Tests

  • Expanded test coverage for signed HEAD requests, CLI error handling, and server lifecycle operations.

• Chores

  • Bumped version to 0.9.0 and updated development dependencies.

[coderabbitai]

Warning

Rate limit exceeded

@nao1215 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 7 minutes and 2 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 9b871047-658a-45b3-a38b-f11d1967659c

📥 Commits

Reviewing files that changed from the base of the PR and between 7454ea1 and 1a60ae2.

📒 Files selected for processing (3)

• docs/openapi.yaml
• src/adapters/cli/serve.rs
• src/adapters/server/lifecycle.rs

📝 Walkthrough

Walkthrough

This PR bumps the package version to v0.9.0 with corresponding documentation updates and adds comprehensive test coverage across CLI and server modules. Version numbers are updated in Cargo.toml, OpenAPI specification, and CHANGELOG, while new unit and integration tests are introduced for error handling and feature validation without modifying production code logic.

Changes

Cohort / File(s)	Summary
Release Metadata CHANGELOG.md, Cargo.toml, docs/openapi.yaml	Version bump from 0.8.0 to 0.9.0; rstest dev-dependency updated to 0.26.1; changelog entries added documenting features, fixes, and documentation updates.
CLI Tests src/adapters/cli/serve.rs, src/adapters/cli/sign.rs	New unit tests added for error handling: invalid bind address failures, writer failures, and watermark option validation with appropriate error codes and messages.
Server Lifecycle Tests src/adapters/server/lifecycle.rs	Unix-specific unit tests added for signal handling (SIGUSR1 log-level cycling), shutdown pipe readiness, and draining flag behavior with global state management.
Integration Tests tests/server_head.rs	New HEAD request helpers and integration tests added for signed path-based and URL-based HEAD requests, validating response headers, content type, ETag presence, and Cache-Control behavior.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• v0.7.1 #108: Overlaps on signal-handling test behavior (SIGUSR1 cycling, draining pipe) and version/changelog updates.
• refactor: complete server/mod.rs extraction, remove ~2400 lines of duplicated code #134: Modifies the same src/adapters/server/lifecycle.rs file with lifecycle-related adjustments.
• Refactor: consolidate test helpers, parameterize tests, and fix WASM OOM bug #137: Adds complementary HEAD request test helpers and improvements to test infrastructure.

Poem

🐰 A version hops to point-nine-oh,
With tests that bloom and safely grow,
From CLI serve to heads held high,
Each error caught before it flies,
The changelog sings of spring's new code! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title partially addresses the changeset by mentioning v0.9.0 release updates, but 'fast coverage' is vague and doesn't clearly convey that the PR adds multiple test cases across different modules (lifecycle, HEAD endpoints, CLI error paths).	Consider a more specific title like 'Release v0.9.0 with test coverage for signal handling, HEAD endpoints, and CLI error paths' to better reflect the comprehensive nature of the changes.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch codex/test-gap-remediation

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

src/adapters/server/lifecycle.rs (1)

525-558: Harden global-state restoration against test panics.

These tests restore global pointers/FDs manually; if assertions fail before restore, later tests can inherit corrupted global state. Consider a local Drop-based restore guard for GLOBAL_DRAINING, SHUTDOWN_PIPE_WR, and GLOBAL_LOG_LEVEL.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/adapters/server/lifecycle.rs` around lines 525 - 558, Wrap the manual
global-state swaps in both tests
(signal_handler_sets_draining_and_wakes_shutdown_pipe and
sigusr1_handler_cycles_global_log_level) with a local Drop-based guard that
captures the previous pointer/FD (previous_draining, previous_write_fd,
previous) and restores GLOBAL_DRAINING, SHUTDOWN_PIPE_WR, and GLOBAL_LOG_LEVEL
in its Drop impl so restoration always runs even if the test panics; create a
small scoped helper type (e.g. TestGlobalRestore) instantiated after performing
Box::into_raw/...swap and before calling signal_handler/sigusr1_handler, and
ensure the guard also handles closing the pipe (close_shutdown_pipe) and
dropping the boxed allocations in Drop to avoid leaks.

src/adapters/cli/serve.rs (1)

208-247: Make env-var cleanup panic-safe in tests.

Both tests mutate process-wide environment and clean up manually; if a test aborts early, TRUSS_STORAGE_ROOT can leak into other tests. Use a Drop guard for deterministic cleanup.

♻️ Suggested test-hardening patch

 #[cfg(test)]
 mod tests {
     use super::*;
     use serial_test::serial;
     use std::io;

+    struct EnvVarGuard(&'static str);
+    impl Drop for EnvVarGuard {
+        fn drop(&mut self) {
+            // SAFETY: test-only cleanup of process env var.
+            unsafe { std::env::remove_var(self.0) };
+        }
+    }
+
@@
     fn execute_serve_returns_runtime_error_for_invalid_bind_addr() {
         let storage_root = tempfile::tempdir().expect("create tempdir");
         // SAFETY: test-only env mutation guarded by serial execution.
         unsafe { std::env::set_var("TRUSS_STORAGE_ROOT", storage_root.path()) };
+        let _env_guard = EnvVarGuard("TRUSS_STORAGE_ROOT");
@@
-        // SAFETY: paired cleanup for the test-only env mutation above.
-        unsafe { std::env::remove_var("TRUSS_STORAGE_ROOT") };
@@
     fn execute_validate_reports_writer_failures() {
         let storage_root = tempfile::tempdir().expect("create tempdir");
         // SAFETY: test-only env mutation guarded by serial execution.
         unsafe { std::env::set_var("TRUSS_STORAGE_ROOT", storage_root.path()) };
+        let _env_guard = EnvVarGuard("TRUSS_STORAGE_ROOT");
@@
-        // SAFETY: paired cleanup for the test-only env mutation above.
-        unsafe { std::env::remove_var("TRUSS_STORAGE_ROOT") };

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/adapters/cli/serve.rs` around lines 208 - 247, The tests
execute_serve_returns_runtime_error_for_invalid_bind_addr and
execute_validate_reports_writer_failures mutate TRUSS_STORAGE_ROOT and currently
remove it manually; make cleanup panic-safe by introducing an RAII Drop guard
(e.g., EnvVarGuard) used in each test: construct the guard which sets
TRUSS_STORAGE_ROOT (for the duration of the test) and implements Drop to remove
the var, then replace the unsafe set_var/remove_var pairs in those tests (which
call execute_serve and execute_validate) with creating the guard so the env var
is always removed even on panic.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/openapi.yaml`:
- Line 4: The top-level version was updated to 0.9.0 but two schema examples
still contain "0.7.1"; update the example values to "0.9.0" so examples match
the top-level version. Locate the example/version fields in the OpenAPI YAML
(the entries showing "0.7.1" near the schema examples referenced) and replace
them with "0.9.0", then scan the file for any remaining "0.7.1" strings
(example/version keys) and ensure all examples consistently reflect 0.9.0.

---

Nitpick comments:
In `@src/adapters/cli/serve.rs`:
- Around line 208-247: The tests
execute_serve_returns_runtime_error_for_invalid_bind_addr and
execute_validate_reports_writer_failures mutate TRUSS_STORAGE_ROOT and currently
remove it manually; make cleanup panic-safe by introducing an RAII Drop guard
(e.g., EnvVarGuard) used in each test: construct the guard which sets
TRUSS_STORAGE_ROOT (for the duration of the test) and implements Drop to remove
the var, then replace the unsafe set_var/remove_var pairs in those tests (which
call execute_serve and execute_validate) with creating the guard so the env var
is always removed even on panic.

In `@src/adapters/server/lifecycle.rs`:
- Around line 525-558: Wrap the manual global-state swaps in both tests
(signal_handler_sets_draining_and_wakes_shutdown_pipe and
sigusr1_handler_cycles_global_log_level) with a local Drop-based guard that
captures the previous pointer/FD (previous_draining, previous_write_fd,
previous) and restores GLOBAL_DRAINING, SHUTDOWN_PIPE_WR, and GLOBAL_LOG_LEVEL
in its Drop impl so restoration always runs even if the test panics; create a
small scoped helper type (e.g. TestGlobalRestore) instantiated after performing
Box::into_raw/...swap and before calling signal_handler/sigusr1_handler, and
ensure the guard also handles closing the pipe (close_shutdown_pipe) and
dropping the boxed allocations in Drop to avoid leaks.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2ce01bed-d192-4e6e-9a22-3bb329470c31

📥 Commits

Reviewing files that changed from the base of the PR and between 0a04d6a and 7454ea1.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (7)

• CHANGELOG.md
• Cargo.toml
• docs/openapi.yaml
• src/adapters/cli/serve.rs
• src/adapters/cli/sign.rs
• src/adapters/server/lifecycle.rs
• tests/server_head.rs