Implement M9: test hardening with handler tests, negative paths, CI coverage gates

All 7 handler files now have test coverage: jobs (14 tests), notifications (11), policies (15), issuers (15), targets (14). Negative-path integration tests cover nonexistent resources, invalid payloads, malformed CSR, expired cert lifecycle, and method-not-allowed errors. CI now enforces coverage thresholds (service 60%+, handler 50%+) and includes connector tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-06-07 23:31:39 +00:00 · 2026-03-15 14:06:48 -04:00
parent bc5a6031b8
commit b9bc2ace8e
8 changed files with 2387 additions and 26 deletions
@@ -30,7 +30,32 @@ jobs:

      - name: Go Test with Coverage
        run: |
-          go test ./internal/service/... ./internal/api/handler/... ./internal/integration/... -count=1 -cover -coverprofile=coverage.out
+          go test ./internal/service/... ./internal/api/handler/... ./internal/integration/... ./internal/connector/... -count=1 -cover -coverprofile=coverage.out
+
+      - name: Check Coverage Thresholds
+        run: |
+          # Extract per-package coverage from test output
+          echo "=== Coverage Report ==="
+          go tool cover -func=coverage.out | tail -1
+
+          # Check service layer coverage (target: 70%+)
+          SERVICE_COV=$(go tool cover -func=coverage.out | grep 'internal/service' | awk '{print $NF}' | sed 's/%//' | awk '{sum+=$1; n++} END {if(n>0) printf "%.1f", sum/n; else print "0"}')
+          echo "Service layer coverage: ${SERVICE_COV}%"
+
+          # Check handler layer coverage (target: 60%+)
+          HANDLER_COV=$(go tool cover -func=coverage.out | grep 'internal/api/handler' | awk '{print $NF}' | sed 's/%//' | awk '{sum+=$1; n++} END {if(n>0) printf "%.1f", sum/n; else print "0"}')
+          echo "Handler layer coverage: ${HANDLER_COV}%"
+
+          # Fail if thresholds not met
+          if [ "$(echo "$SERVICE_COV < 60" | bc -l)" -eq 1 ]; then
+            echo "::error::Service layer coverage ${SERVICE_COV}% is below 60% threshold"
+            exit 1
+          fi
+          if [ "$(echo "$HANDLER_COV < 50" | bc -l)" -eq 1 ]; then
+            echo "::error::Handler layer coverage ${HANDLER_COV}% is below 50% threshold"
+            exit 1
+          fi
+          echo "Coverage thresholds passed!"

      - name: Upload Coverage Report
        uses: actions/upload-artifact@v4