test(load): harden tier2 scoped writeback evidence

[khaliqgant]

Summary

• tie graceful 429 handling to the failed member instead of a global observed-429 flag
• preserve mount and remote-visibility evidence as soon as it is produced so failure paths retain forensics
• keep relayfile-mount state outside member live roots and reject exact relayfile:fs:manage short-form scopes

Tests

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• env RELAYFILE_TIER2_RUN=1 RELAYFILE_TIER2_RELAYFILE_URL=https://example.invalid RELAYFILE_TIER2_RELAYAUTH_URL=https://auth.example.invalid RELAYFILE_TIER2_WORKSPACE_ID=ws RELAYFILE_TIER2_WORKSPACE_TOKEN=tok npm run test:load:tier2-scoped-writeback:self-test
• no-creds harness path exits 77 and writes skipped evidence

§7 remains open: this only hardens the credential-gated harness before the operator-provisioned CF-DO run.

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[coderabbitai]

Warning

Review limit reached

@khaliqgant, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 41 minutes and 11 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 536ffba1-1955-42cb-b3fc-c3581f47239f

📥 Commits

Reviewing files that changed from the base of the PR and between 116335c and c35b6dd.

📒 Files selected for processing (2)

• test/load/README.md
• test/load/tier2-cfdo-scoped-writeback.mjs

📝 Walkthrough

Walkthrough

The Tier-2 CF-DO scoped writeback load harness is hardened to validate broader scope patterns, externalize per-member state file storage outside mounted roots, refactor remote visibility verification to collect structured failures, enrich admission probe responses with member names, introduce member-scoped backpressure detection, and integrate new evidence semantics into the main control flow with expanded test coverage.

Changes

Tier-2 CF-DO Scoped Writeback Harness Validation Hardening

Layer / File(s)	Summary
Scope validation tightening test/load/tier2-cfdo-scoped-writeback.mjs	isBroadOrAdminScope now flags exact scope value relayfile:fs:manage as broad/admin scope in addition to existing patterns.
State file path externalization test/load/tier2-cfdo-scoped-writeback.mjs	Per-member state file moves from inside liveRoot to dedicated path under workroot (state/<member>/). Member preparation creates the stateFile path and parent directory; runMountOnce passes it via --state-file argument.
Remote visibility verification refactoring test/load/tier2-cfdo-scoped-writeback.mjs	verifyRemoteVisibility refactored to collect checks plus failures array and return structured { checks, failures } instead of throwing inline. directAdmissionProbe response objects enriched with originating member name.
Evidence computation helpers test/load/tier2-cfdo-scoped-writeback.mjs	New helper sawGracefulBackpressureForMember detects same-member 429+Retry-After across mounts and admission probe responses. buildSummary centralizes evidence summary computation from mounts and admission probe data.
Harness control flow and evidence semantics test/load/tier2-cfdo-scoped-writeback.mjs	runHarness sets evidence.mounts early after bootstrap, throws on remote visibility failures using new failures output, validates writeback failures using same-member graceful 429 check, and sets evidence.summary via buildSummary.
Test assertions for new behavior test/load/tier2-cfdo-scoped-writeback.mjs	selfTest expands broad/admin scope assertions for relayfile:fs:manage variants and adds unit-style assertions for sawGracefulBackpressureForMember with same-member positive and wrong-member negative cases.
Documentation clarification test/load/README.md	Mount state file placement documented to clarify it is stored outside each member's mounted local root, ensuring harness bookkeeping cannot become part of the scoped writeback surface.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Possibly related PRs

• AgentWorkforce/relayfile#228: Overlapping Tier-2 CF-DO scoped writeback load harness work including state file storage and evidence behavior changes in the same test files.

Poem

🐰 A harness now holds state more neat,
Where each member's proof lives outside the beat,
Backpressure detected with grace and care,
Evidence flows where member names are there!
📊✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'test(load): harden tier2 scoped writeback evidence' directly reflects the main objective of tightening validation and improving evidence handling in the tier2 scoped writeback test harness.
Description check	✅ Passed	The description clearly relates to the changeset by detailing key modifications: member-specific 429 handling, evidence preservation, mount state relocation, and scope validation changes that align with the file modifications.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/tier2-harness-evidence-integrity

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[agent-relay-code]

Reviewed PR #230 and made one harness hardening fix in test/load/tier2-cfdo-scoped-writeback.mjs: relayfile:fs:write:* and relayfile:fs:manage:* are now classified as broad scopes, with self-test coverage for the write wildcard.

Checked PR comments via GitHub tools; there were no actionable bot findings, only quota/in-progress comments.

Verification run:

• npm run test:load:tier2-scoped-writeback:self-test passed
• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• credential-gated skip path exited 77 and wrote skipped evidence as intended
• Go checks could not run because go is not installed in this environment

[agent-relay-code]

✅ pr-reviewer applied fixes — committed and pushed 9339e0d to this PR. The notes below describe what changed.

Reviewed PR #230 and made one harness hardening fix in test/load/tier2-cfdo-scoped-writeback.mjs: relayfile:fs:write:* and relayfile:fs:manage:* are now classified as broad scopes, with self-test coverage for the write wildcard.

Checked PR comments via GitHub tools; there were no actionable bot findings, only quota/in-progress comments.

Verification run:

• npm run test:load:tier2-scoped-writeback:self-test passed
• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• credential-gated skip path exited 77 and wrote skipped evidence as intended
• Go checks could not run because go is not installed in this environment

[agent-relay-code]

✅ pr-reviewer applied fixes — committed and pushed 9339e0d to this PR. The notes below describe what changed.

Reviewed PR #230 and made one harness hardening fix in test/load/tier2-cfdo-scoped-writeback.mjs: relayfile:fs:write:* and relayfile:fs:manage:* are now classified as broad scopes, with self-test coverage for the write wildcard.

Checked PR comments via GitHub tools; there were no actionable bot findings, only quota/in-progress comments.

Verification run:

• npm run test:load:tier2-scoped-writeback:self-test passed
• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• credential-gated skip path exited 77 and wrote skipped evidence as intended
• Go checks could not run because go is not installed in this environment

[cubic-dev-ai]

No issues found across 2 files

_{Re-trigger cubic}

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 and fixed one harness correctness issue in test/load/tier2-cfdo-scoped-writeback.mjs: the load harness now writes member changes into the effective scoped local root that relayfile-mount actually uses for non-root --remote-path mounts, while still passing the parent directory to --local-dir. Added self-test coverage for that path mapping.

Checked PR comments; bot reviews had no actionable findings beyond generic quota/docstring noise.

Local verification:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• npm run test:load:tier2-scoped-writeback:self-test passed
• credential-gated skip path exited 77 and wrote skipped evidence as intended
• Go checks could not run because go is not installed in this environment

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 and fixed one harness correctness issue in test/load/tier2-cfdo-scoped-writeback.mjs: the load harness now writes member changes into the effective scoped local root that relayfile-mount actually uses for non-root --remote-path mounts, while still passing the parent directory to --local-dir. Added self-test coverage for that path mapping.

Checked PR comments; bot reviews had no actionable findings beyond generic quota/docstring noise.

Local verification:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• npm run test:load:tier2-scoped-writeback:self-test passed
• credential-gated skip path exited 77 and wrote skipped evidence as intended
• Go checks could not run because go is not installed in this environment

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 and fixed one harness correctness issue in test/load/tier2-cfdo-scoped-writeback.mjs: the load harness now writes member changes into the effective scoped local root that relayfile-mount actually uses for non-root --remote-path mounts, while still passing the parent directory to --local-dir. Added self-test coverage for that path mapping.

Checked PR comments; bot reviews had no actionable findings beyond generic quota/docstring noise.

Local verification:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• npm run test:load:tier2-scoped-writeback:self-test passed
• credential-gated skip path exited 77 and wrote skipped evidence as intended
• Go checks could not run because go is not installed in this environment

[agent-relay-code]

Reviewed PR #230 and fixed issues in test/load/tier2-cfdo-scoped-writeback.mjs.

Changes made:

• Write harness files into the actual scoped mount root used by relayfile-mount for non-root remote paths.
• Added a local helper to mirror that scoped path mapping.
• Tightened path-token validation to reject wildcard write-capable scopes like *:*:*:*, relayfile:*:*:*, and wildcard resource/action write grants.
• Added self-test coverage for the new scope checks and scoped local-root mapping.

Verification run:

• npm run test:load:tier2-scoped-writeback:self-test
• node --check test/load/tier2-cfdo-scoped-writeback.mjs

Could not run related Go tests because go is not installed in this environment.

[agent-relay-code]

⚠️ pr-reviewer push failed (exit 1) — fixes were not applied to the PR. The notes below are advisory and were not pushed.

Reviewed PR #230 and fixed issues in test/load/tier2-cfdo-scoped-writeback.mjs.

Changes made:

• Write harness files into the actual scoped mount root used by relayfile-mount for non-root remote paths.
• Added a local helper to mirror that scoped path mapping.
• Tightened path-token validation to reject wildcard write-capable scopes like *:*:*:*, relayfile:*:*:*, and wildcard resource/action write grants.
• Added self-test coverage for the new scope checks and scoped local-root mapping.

Verification run:

• npm run test:load:tier2-scoped-writeback:self-test
• node --check test/load/tier2-cfdo-scoped-writeback.mjs

Could not run related Go tests because go is not installed in this environment.

[agent-relay-code]

⚠️ pr-reviewer push failed (exit 1) — fixes were not applied to the PR. The notes below are advisory and were not pushed.

Reviewed PR #230 and fixed issues in test/load/tier2-cfdo-scoped-writeback.mjs.

Changes made:

• Write harness files into the actual scoped mount root used by relayfile-mount for non-root remote paths.
• Added a local helper to mirror that scoped path mapping.
• Tightened path-token validation to reject wildcard write-capable scopes like *:*:*:*, relayfile:*:*:*, and wildcard resource/action write grants.
• Added self-test coverage for the new scope checks and scoped local-root mapping.

Verification run:

• npm run test:load:tier2-scoped-writeback:self-test
• node --check test/load/tier2-cfdo-scoped-writeback.mjs

Could not run related Go tests because go is not installed in this environment.

[agent-relay-code]

Reviewed PR #230 and made one fix in test/load/tier2-cfdo-scoped-writeback.mjs: tightened isBroadOrAdminScope to reject wildcard write-capable scopes such as *:*:*:*, relayfile:*:*:*, wildcard action, and wildcard resource write grants. Added self-test coverage for those cases.

Checked bot review comments; there were no actionable unresolved bot findings beyond quota/status noise and prior advisory notes, which this change covers.

Local verification:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• npm run test:load:tier2-scoped-writeback:self-test passed
• credential-gated skip path exited 77 and wrote skipped evidence as expected
• Go checks could not run because go is not installed in this environment

[agent-relay-code]

⚠️ pr-reviewer push failed (exit 1) — fixes were not applied to the PR. The notes below are advisory and were not pushed.

Reviewed PR #230 and made one fix in test/load/tier2-cfdo-scoped-writeback.mjs: tightened isBroadOrAdminScope to reject wildcard write-capable scopes such as *:*:*:*, relayfile:*:*:*, wildcard action, and wildcard resource write grants. Added self-test coverage for those cases.

Checked bot review comments; there were no actionable unresolved bot findings beyond quota/status noise and prior advisory notes, which this change covers.

Local verification:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• npm run test:load:tier2-scoped-writeback:self-test passed
• credential-gated skip path exited 77 and wrote skipped evidence as expected
• Go checks could not run because go is not installed in this environment

[agent-relay-code]

⚠️ pr-reviewer push failed (exit 1) — fixes were not applied to the PR. The notes below are advisory and were not pushed.

Reviewed PR #230 and made one fix in test/load/tier2-cfdo-scoped-writeback.mjs: tightened isBroadOrAdminScope to reject wildcard write-capable scopes such as *:*:*:*, relayfile:*:*:*, wildcard action, and wildcard resource write grants. Added self-test coverage for those cases.

Checked bot review comments; there were no actionable unresolved bot findings beyond quota/status noise and prior advisory notes, which this change covers.

Local verification:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs passed
• npm run test:load:tier2-scoped-writeback:self-test passed
• credential-gated skip path exited 77 and wrote skipped evidence as expected
• Go checks could not run because go is not installed in this environment

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 against the supplied diff/context and surrounding mount behavior. I found no remaining code changes needed; the current branch already includes the scoped local-root fix and wildcard write-scope validation covered by prior bot advisory notes. No unresolved review threads were present.

Local checks run:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• credential-gated skip path exited 77 and wrote skipped evidence
• npm run typecheck --workspace=packages/sdk/typescript
• merge conflict marker scan

Could not run Go checks because go is not installed. The SDK workspace test command also could not run because vitest is not installed in this environment.

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 against the supplied diff/context and surrounding mount behavior. I found no remaining code changes needed; the current branch already includes the scoped local-root fix and wildcard write-scope validation covered by prior bot advisory notes. No unresolved review threads were present.

Local checks run:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• credential-gated skip path exited 77 and wrote skipped evidence
• npm run typecheck --workspace=packages/sdk/typescript
• merge conflict marker scan

Could not run Go checks because go is not installed. The SDK workspace test command also could not run because vitest is not installed in this environment.

[agent-relay-code]

Reviewed PR #230 against .workforce/pr.diff, changed files, PR context, mount behavior, and bot comments. No additional code edits were needed; the current branch already includes the scoped mount-root fix and wildcard write-scope validation from prior advisory notes.

Local checks run:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• credential-gated skip path exits 77 and writes skipped evidence
• npm run typecheck --workspace=packages/sdk/typescript
• merge conflict marker scan

Could not run Go checks because go is not installed. The SDK test command could not run because vitest is not installed.

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 against .workforce/pr.diff, changed files, PR context, mount behavior, and bot comments. No additional code edits were needed; the current branch already includes the scoped mount-root fix and wildcard write-scope validation from prior advisory notes.

Local checks run:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• credential-gated skip path exits 77 and writes skipped evidence
• npm run typecheck --workspace=packages/sdk/typescript
• merge conflict marker scan

Could not run Go checks because go is not installed. The SDK test command could not run because vitest is not installed.

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 against .workforce/pr.diff, changed files, PR context, mount behavior, and bot comments. No additional code edits were needed; the current branch already includes the scoped mount-root fix and wildcard write-scope validation from prior advisory notes.

Local checks run:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• credential-gated skip path exits 77 and writes skipped evidence
• npm run typecheck --workspace=packages/sdk/typescript
• merge conflict marker scan

Could not run Go checks because go is not installed. The SDK test command could not run because vitest is not installed.

[agent-relay-code]

Reviewed PR #230 against the supplied diff/context, changed files, surrounding mount behavior, and PR bot comments. I found no additional code changes needed in the current checkout; the earlier wildcard write-scope advisory is already covered.

Local verification run:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• credential-gated skip path exits as 77 and writes skipped evidence
• npm run typecheck --workspace=packages/sdk/typescript
• merge conflict marker scan

go is not installed in this environment, so Go checks could not be run.

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 against the supplied diff/context, changed files, surrounding mount behavior, and PR bot comments. I found no additional code changes needed in the current checkout; the earlier wildcard write-scope advisory is already covered.

Local verification run:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• credential-gated skip path exits as 77 and writes skipped evidence
• npm run typecheck --workspace=packages/sdk/typescript
• merge conflict marker scan

go is not installed in this environment, so Go checks could not be run.

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed PR #230 against the supplied diff/context, changed files, surrounding mount behavior, and PR bot comments. I found no additional code changes needed in the current checkout; the earlier wildcard write-scope advisory is already covered.

Local verification run:

• node --check test/load/tier2-cfdo-scoped-writeback.mjs
• npm run test:load:tier2-scoped-writeback:self-test
• credential-gated skip path exits as 77 and writes skipped evidence
• npm run typecheck --workspace=packages/sdk/typescript
• merge conflict marker scan

go is not installed in this environment, so Go checks could not be run.