{{ message }}
[test] Add tests for auth.GenerateRandomAgentID#7691
Merged
lpcox merged 1 commit intoJun 17, 2026
Merged
Conversation
Cover the previously untested error branch (lines 211–212 of header.go) where strutil.RandomHex fails and GenerateRandomAgentID must return a wrapped error. Two tests are added to internal/auth/header_test.go: - TestGenerateRandomAgentID_RandomFailure: replaces crypto/rand.Reader with a stub that always errors, then verifies the returned error is non-nil, wraps the underlying error (errors.Is), and contains the expected context string. - TestGenerateRandomAgentID_RecoveryAfterFailure: confirms that GenerateRandomAgentID behaves correctly again after the original rand.Reader is restored, ensuring no state is leaked between calls. Coverage for GenerateRandomAgentID: 71.4% → 100.0% Overall internal/auth coverage: 94.7% → 98.2% Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
⚠️ Not ready to approve
One of the new tests mutates crypto/rand.Reader without guaranteed cleanup on early assertion failure, which can leak global state and destabilize other tests.
Pull request overview
Adds targeted unit tests in internal/auth to cover the previously-unreached error path in GenerateRandomAgentID by stubbing crypto/rand.Reader, improving function-level coverage to 100%.
Changes:
- Add a test helper
errorReaderto force failures from the random source. - Add failure-path and recovery tests for
GenerateRandomAgentID, verifying%wwrapping and successful behavior after restoringrand.Reader.
File summaries
Copilot's findings
- Files reviewed: 1/1 changed files
- Comments generated: 1
Note
Your feedback helps us improve the quality of this feature.
Please use 👍 or 👎 to tell us whether this assessment is correct.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+634
to
+645
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

Function Analyzed
internal/authGenerateRandomAgentIDcrypto/rand.Reader)Why This Function?
GenerateRandomAgentID(defined ininternal/auth/header.go) had the lowest non-trivial, non-dead-code coverage in the codebase at 71.4%. The uncovered lines (211–212) are the error branch wherestrutil.RandomHex(32)fails and the function must log and return a wrapped error. All existing tests lived in the externalapikey_test.gofile and only exercised the happy path, leaving the error-handling path completely dark.Tests Added
Two new tests in
internal/auth/header_test.go(packageauth, internal access):TestGenerateRandomAgentID_RandomFailure— Replacescrypto/rand.Readerwith a stuberrorReaderthat always returns a synthetic error. Verifies:errors.Isunwraps to the underlying source error (proper%wwrapping)"failed to generate random agent ID"TestGenerateRandomAgentID_RecoveryAfterFailure— Confirms that after restoring the originalrand.Reader, a subsequent call toGenerateRandomAgentIDsucceeds and returns the expected 64-char hex key, ruling out any state leakage.Both tests intentionally omit
t.Parallel()because they mutate the package-levelcrypto/rand.Reader.Coverage Report
Test Execution
Generated by Test Coverage Improver
Next run will target the next most complex under-tested function
Warning
Firewall blocked 8 domains
The following domains were blocked by the firewall during workflow execution:
go.opentelemetry.iogo.yaml.ingolang.orggoogle.golang.orggopkg.inproxy.golang.orgreleaseassets.githubusercontent.comsum.golang.orgSee Network Configuration for more information.