Skip to content

[test] Add tests for difc.SetSinkServerIDs and difc.IsSinkServerID#2063

Draft
github-actions[bot] wants to merge 1 commit intomainfrom
add-sink-server-ids-tests-ceaa24036c1f19ca
Draft

[test] Add tests for difc.SetSinkServerIDs and difc.IsSinkServerID#2063
github-actions[bot] wants to merge 1 commit intomainfrom
add-sink-server-ids-tests-ceaa24036c1f19ca

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Mar 17, 2026

Test Coverage Improvement: difc.SetSinkServerIDs and difc.IsSinkServerID

Functions Analyzed

  • Package: internal/difc
  • Functions: SetSinkServerIDs, IsSinkServerID
  • File: internal/difc/sink_server_ids.go
  • Previous Coverage: 0% (both functions)
  • New Coverage: 100% (both functions)
  • Package Coverage: 93.8% → 99.7%
  • Complexity: Medium (SetSinkServerIDs has 7+ branches including dedup, trimming, sorting)

Why These Functions?

SetSinkServerIDs and IsSinkServerID had 0% coverage because they are only called from internal/cmd (which depends on cobra), making them unreachable from the unit test suite. Yet they implement critical DIFC (Decentralized Information Flow Control) sink configuration logic:

  • SetSinkServerIDs: configures which backend MCP server IDs receive DIFC tag snapshot enrichment in RPC JSONL logs. Has complex branching: empty-input clearing, whitespace trimming, deduplication, and sorted storage.
  • IsSinkServerID: thread-safe lookup into the configured set.

Despite the 0% coverage, these functions have no existing test file at all (sink_server_ids_test.go did not exist).

Tests Added

  • Empty/nil input — clears existing configuration
  • Single ID — basic happy path
  • Multiple IDs — all stored and queryable
  • Sorted storage — input order doesn't matter; internal state is sorted
  • Duplicate deduplication — repeated IDs stored only once
  • Whitespace-only entries — skipped entirely
  • Whitespace trimming — leading/trailing spaces stripped before storage
  • Duplicates after trimming"github" and " github " collapse to one entry
  • Mixed valid/whitespace — only non-whitespace entries stored
  • Overwrite semantics — second call replaces first
  • Exact match — case-sensitive, no partial/prefix matching
  • No match when unconfigured — empty state always returns false
  • Integration tests — combined Set/IsSink scenarios
  • Concurrent reads — 50 goroutines reading simultaneously
  • Concurrent read/write — mix of reads and writes without races
  • Clear and repopulate — state transitions work correctly

Coverage Report

Before:
  SetSinkServerIDs:   0.0%
  IsSinkServerID:     0.0%
  package total:      93.8%

After:
  SetSinkServerIDs:   100.0%
  IsSinkServerID:     100.0%
  package total:      99.7%

Improvement: +5.9% package coverage
```

### Test Execution

All 32 tests pass (verified locally with Go 1.24 / vendor dir):

```
=== RUN   TestSetSinkServerIDs_EmptyInput
--- PASS
=== RUN   TestSetSinkServerIDs_SingleID
--- PASS
=== RUN   TestSetSinkServerIDs_MultipleIDs
--- PASS
=== RUN   TestSetSinkServerIDs_SortedStorage
--- PASS
=== RUN   TestSetSinkServerIDs_DuplicatesDeduped
--- PASS
=== RUN   TestSetSinkServerIDs_WhitespaceOnlySkipped
--- PASS
=== RUN   TestSetSinkServerIDs_WhitespaceTrimmed
--- PASS
=== RUN   TestSetSinkServerIDs_DuplicatesAfterTrimming
--- PASS
=== RUN   TestSetSinkServerIDs_MixedValidAndWhitespace
--- PASS
=== RUN   TestSetSinkServerIDs_Overwrite
--- PASS
=== RUN   TestIsSinkServerID_EmptyConfiguration
--- PASS
=== RUN   TestIsSinkServerID_ExactMatch  (10 sub-tests)
--- PASS
=== RUN   TestIsSinkServerID_CaseSensitive
--- PASS
=== RUN   TestSetSinkServerIDs_IsSinkServerID_Integration  (7 sub-tests)
--- PASS
=== RUN   TestSetSinkServerIDs_ConcurrentAccess
--- PASS
=== RUN   TestIsSinkServerID_ConcurrentReads
--- PASS
=== RUN   TestSetSinkServerIDs_AllDuplicates
--- PASS
=== RUN   TestSetSinkServerIDs_SpecialCharacterIDs
--- PASS
=== RUN   TestSetSinkServerIDs_ClearThenRepopulate
--- PASS
ok      github.com/github/gh-aw-mcpg/internal/difc   coverage: 99.7% of statements

Note: The project requires Go 1.25.0 (go.mod) but the test environment has Go 1.24.13. The test logic uses no Go 1.25-specific features; CI with the correct toolchain will verify.

Generated by Test Coverage Improver
Next run will target the next most complex under-tested function

Generated by Test Coverage Improver ·

Warning

⚠️ Firewall blocked 5 domains

The following domains were blocked by the firewall during workflow execution:

  • go.yaml.in
  • golang.org
  • gopkg.in
  • invalidhostthatdoesnotexist12345.com
  • proxy.golang.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "go.yaml.in"
    - "golang.org"
    - "gopkg.in"
    - "invalidhostthatdoesnotexist12345.com"
    - "proxy.golang.org"

See Network Configuration for more information.

@github-actions
Add tests for difc.SetSinkServerIDs and difc.IsSinkServerID
135fd68 
These two functions in internal/difc/sink_server_ids.go had 0% test
coverage because they are only called from internal/cmd, which was not
reachable from the unit test suite.

Add a comprehensive test file covering all branches:

- SetSinkServerIDs: empty/nil input (clears state), single ID, multiple
  IDs, sorted storage, duplicate deduplication, whitespace-only entries
  skipped, whitespace trimming, duplicates after trimming, mixed valid
  and whitespace entries, overwrite semantics
- IsSinkServerID: empty configuration, exact match, case sensitivity,
  no partial matches, no whitespace matching
- Integration tests combining both functions
- Concurrent read/write safety tests

Coverage improvement:
  SetSinkServerIDs: 0% → 100%
  IsSinkServerID:   0% → 100%
  internal/difc package: 93.8% → 99.7%

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
lpcox added a commit that referenced this pull request Mar 19, 2026
@lpcox
chore: add guard filtering summary to repo-assist monthly activity is…
2377d43 
…sue (#2158)

## Summary

Adds a **Guard Filtering Summary** section to the repo-assist Monthly
Activity Issue so maintainers can see what objects the guard policy
blocked during each run.

## What it looks like

When the guard filters objects, the monthly activity issue will include:

```markdown
## Guard Filtering Summary

| Type | Count | Resources |
|------|-------|-----------|
| Issues | 7 | #1711, #2049, #2086, #2087, #2089, #2093, #2100 |
| PRs | 7 | #2037, #2042, #2061, #2063, #2064, #2092, #2096 |
| Other | 2 | actions_list, get_repository_tree |

**Policy**: `repos: [github/*], min-integrity: merged`
**Total filtered**: 54 items across 17 tool calls
```

When no filtering occurs, it states "No objects were filtered by the
guard policy."

## How it works

1. **New section in issue template** — "Guard Filtering Summary" sits
between "Future Work" and "Run History"
2. **New step 6** — Agent reads `/tmp/gh-aw/mcp-logs/rpc-messages.jsonl`
via bash, parses `DIFC_FILTERED` entries, groups by type
(issues/PRs/other), deduplicates across tool calls
3. **Python one-liner** — Extracts resource descriptions, groups into a
JSON summary the agent uses to populate the template

## Motivation

From [run
23274488766](https://github.com/github/gh-aw-mcpg/actions/runs/23274488766),
54 objects were silently filtered with `min-integrity: merged`. The
agent reported "GitHub API access to private repo issues unavailable"
without understanding why. This change gives both the agent and
maintainers explicit visibility into guard policy impact.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

automation testing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants