#!/usr/bin/env bash set -euo pipefail ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)" THRESHOLD_FILE="${THRESHOLD_FILE:-$ROOT_DIR/tests/quality/coverage_thresholds.tsv}" OUTPUT_DIR="${OUTPUT_DIR:-$(mktemp -d "/tmp/sub2api-cn-relay-manager-test-quality-XXXXXX")}" fail() { echo "FAIL: $*" >&2 exit 1 } log() { echo "==> $*" } [[ -f "$THRESHOLD_FILE" ]] || fail "missing coverage threshold file: $THRESHOLD_FILE" mkdir -p "$OUTPUT_DIR" GOFMT_LOG="$OUTPUT_DIR/gofmt.txt" GOVET_LOG="$OUTPUT_DIR/govet.txt" INTEGRATION_LOG="$OUTPUT_DIR/integration.txt" COVERAGE_LOG="$OUTPUT_DIR/coverage.txt" COVERAGE_REPORT="$OUTPUT_DIR/coverage-report.md" log "quality gate output dir: $OUTPUT_DIR" log "running gofmt check" gofmt -l . | tee "$GOFMT_LOG" if [[ -s "$GOFMT_LOG" ]]; then fail "gofmt reported unformatted files" fi log "running go vet" go vet ./... 2>&1 | tee "$GOVET_LOG" log "running internal coverage" go test -cover ./internal/... 2>&1 | tee "$COVERAGE_LOG" log "running integration tests" set +e go test ./tests/integration/... -count=1 2>&1 | tee "$INTEGRATION_LOG" integration_status=${PIPESTATUS[0]} set -e if [[ $integration_status -ne 0 ]]; then if grep -Eq 'socket: operation not permitted|failed to listen on a port' "$INTEGRATION_LOG"; then if [[ "${ALLOW_BLOCKED_INTEGRATION:-0}" == "1" ]]; then log "integration tests blocked by socket-restricted environment; continuing because ALLOW_BLOCKED_INTEGRATION=1" else fail "integration tests blocked by current environment socket restrictions; rerun in an unrestricted environment or set ALLOW_BLOCKED_INTEGRATION=1 for local triage" fi else fail "integration tests failed" fi fi log "evaluating coverage thresholds" awk -v threshold_file="$THRESHOLD_FILE" -v report_file="$COVERAGE_REPORT" ' BEGIN { FS = "\t" while ((getline line < threshold_file) > 0) { if (line ~ /^#/ || line ~ /^[[:space:]]*$/) { continue } split(line, fields, "\t") package = fields[1] tier = fields[2] min_coverage = fields[3] + 0 note = fields[4] expected[package] = min_coverage tier_by_package[package] = tier note_by_package[package] = note } close(threshold_file) } /^ok[[:space:]]+sub2api-cn-relay-manager\/internal\// { package = $2 sub(/^sub2api-cn-relay-manager\//, "", package) pct = -1 if (match($0, /coverage: [0-9.]+%/)) { pct_text = substr($0, RSTART + 10, RLENGTH - 11) pct = pct_text + 0 } coverage[package] = pct } /^\?[[:space:]]+sub2api-cn-relay-manager\/internal\// { package = $2 sub(/^sub2api-cn-relay-manager\//, "", package) coverage[package] = -1 } END { print "# Coverage Gate Report" > report_file print "" >> report_file print "| Package | Tier | Threshold | Actual | Result | Note |" >> report_file print "|---|---|---:|---:|---|---|" >> report_file failures = 0 warnings = 0 for (package in expected) { actual = (package in coverage) ? coverage[package] : -1 result = "missing" if (actual >= 0 && actual + 1e-9 >= expected[package]) { result = "pass" } else if (tier_by_package[package] == "watch") { result = "warn" warnings++ } else { result = "fail" failures++ } actual_text = (actual >= 0) ? sprintf("%.1f", actual) : "n/a" print "| " package " | " tier_by_package[package] " | " sprintf("%.1f", expected[package]) " | " actual_text " | " result " | " note_by_package[package] " |" >> report_file if (result == "fail") { printf("FAIL coverage: %s actual=%s threshold=%.1f\n", package, actual_text, expected[package]) > "/dev/stderr" } else if (result == "warn") { printf("WARN coverage: %s actual=%s threshold=%.1f\n", package, actual_text, expected[package]) > "/dev/stderr" } } print "" >> report_file print "- Warnings: " warnings >> report_file print "- Failures: " failures >> report_file if (failures > 0) { exit 2 } } ' "$COVERAGE_LOG" log "coverage report: $COVERAGE_REPORT" cat "$COVERAGE_REPORT" log "quality gates passed"