Skip to content

Commit 2eafb0a

Browse files
committed
Add agent test suite with race detection and fuzz testing
1 parent d6e412b commit 2eafb0a

File tree

9 files changed

+1181
-15
lines changed

9 files changed

+1181
-15
lines changed

.github/workflows/workflow.yml

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,28 @@ permissions:
3232
packages: write
3333

3434
jobs:
35+
agent-tests:
36+
runs-on: ubuntu-latest
37+
name: Agent Tests (race + fuzz)
38+
steps:
39+
- uses: actions/checkout@v4
40+
41+
- uses: actions/setup-go@v5
42+
with:
43+
go-version-file: go.mod
44+
45+
- name: Unit tests with race detector
46+
run: go test -race -count=1 -v ./agent/...
47+
48+
- name: Fuzz ParseDockerImage
49+
run: go test -fuzz=FuzzParseDockerImage -fuzztime=30s ./agent
50+
51+
- name: Fuzz ParseShebang
52+
run: go test -fuzz=FuzzParseShebang -fuzztime=30s ./agent
53+
54+
- name: Fuzz ResolveTemplate
55+
run: go test -fuzz=FuzzResolveTemplate -fuzztime=30s ./agent
56+
3557
build-quick:
3658

3759
runs-on: ubuntu-latest

agent/client.go

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -158,7 +158,17 @@ func saveInstanceCred(serverURL, agentToken string, cred *InstanceCred) error {
158158
if err != nil {
159159
return err
160160
}
161-
return os.WriteFile(path, data, 0o600)
161+
// Atomic write: temp file → fsync → rename. Prevents a crash
162+
// mid-write from leaving a truncated or empty credential file.
163+
tmp := path + ".tmp"
164+
if err := os.WriteFile(tmp, data, 0o600); err != nil {
165+
return err
166+
}
167+
if f, err := os.Open(tmp); err == nil {
168+
_ = f.Sync()
169+
f.Close()
170+
}
171+
return os.Rename(tmp, path)
162172
}
163173

164174
// DeleteInstanceCred removes the on-disk credential file for a given

0 commit comments

Comments
 (0)