Live coverage

Covenant keeps default CI deterministic while tracking which surfaces have opt-in live coverage. Live tests are Rust tests named live_* and marked with #[ignore].

Commands

node agent-os/scripts/validate-live-coverage.mjs node agent-os/scripts/model-availability.mjs bash agent-os/scripts/test-stats.sh cd agent-os cargo test --workspace --exclude covenant-settlement-program -- --ignored live_ # Before targeted live CLI tests: cargo build -p covenant --locked cargo test -p covenantd --test live_cli_version -- --ignored live_cli_version_reads_protocol_info_without_token # Linux gVisor runtime validation: COVENANT_LIVE_GVISOR_ROOTFS=/path/to/rootfs \ cargo test -p covenant-runtime --test live_gvisor -- --ignored live_gvisor_runner_dispatches_with_runsc

Linux gVisor coverage requires a Linux host with runsc and a rootfs containing /bin/sh. The repeatable setup lives in Linux gVisor runner.

Matrix

SurfaceStatusNext gap
Daemon IPC corecovereddaemon IPC plus CLI intent/resume/version
State verifiercoveredtyped repair hints
Memory retentioncoveredrecord-to-receipt correlation
HTTP gatewaycoveredaudit and capabilities purge mutations
CLI capability lifecyclecoveredcapability purge after retention defaults
CLI audit feedcoveredaudit query filters after predicate support
Ignore policy gatecoveredscoped ignore override policy
Peer authenticationcoveredforced self-revoke recovery fixture
Peer listingcoveredambiguous-prefix listing
A2A mailboxcoveredper-peer repair visibility
MCP subprocesscoveredthird-party fixture
Runtime subprocesscovereddaemon dispatch failure receipts
Linux gVisor runtimeexternal servicedocumented Linux runsc runner
Budget enforcementcoveredresume success after pause/resume policy
Settlement receiptscoveredscoped receipt filters
Local modelexternal servicepin model set before more coverage

Related