Acceptance Tests
Safety
Dirty repo is never mutated
- Given staged/unstaged/untracked changes
- When daemon sync runs
- Then no checkout/pull/delete occurs
- And skip reason is logged
No destructive git commands
- Verify sync paths do not invoke reset/force-delete/force-checkout operations.
Branch deletion protection
- Given local branch has commits not on upstream/default
- When stale cleanup is evaluated
- Then branch is not deleted and reason is logged
Sync Behavior
Default branch discovery
- Repo default branch is
mainormaster(or custom) - Tool resolves it correctly each run
- Repo default branch is
Current branch fast-forward
- Given current branch behind upstream and clean worktree
- Tool fast-forwards successfully
Default branch update
- Given local default branch behind remote
- Tool updates default branch local ref safely
Non-fast-forward situation
- Given divergence/conflict
- Tool skips mutation and logs clear remediation hint
Stale Branch Cleanup
Checked-out stale branch cleanup
- Given checked-out feature branch merged into default
- And no unique commits exist
- Tool switches to default and deletes local stale branch
- Tool also deletes other local branches that are already merged and safe
- If branch still has unique commits, cleanup is skipped with explicit reason code
Not merged branch preserved
- Given branch not merged into default
- Tool never deletes branch
Platform and Service
Linux service registration
- Install/register daemon for user and system modes
- Start/stop/status actions work
- Install/uninstall scripts are idempotent and privilege-aware
Windows service/task registration
- Install/register in supported mode
- Start/stop/status actions work
- Task registration validates creation and allows idempotent uninstall
CLI parity
- Every TUI action has a CLI equivalent
- CLI can perform all daemon actions
- Parity set includes sync all, cache refresh, and trace drill-down
Auth and Security
PAT login and validation
- Valid PAT succeeds for GitHub and Azure
- Invalid PAT rejected with actionable error
Secret redaction
- Tokens are never shown in logs/events/TUI
Update
Self-update success path
- Tool checks and applies update with checksum validation
- Release manifest and checksums are published for linux/windows artifacts
Self-update rollback path
- Simulated failed replace recovers prior executable safely
- Trace/event reason codes include update start/success/fail/rollback
Logging and Traceability
Traceability from day one
- Every daemon sync run has a trace/run ID
- Repo-level actions are linked to the same trace/run ID
- CLI can query trace details
Skip/action reason logging
- Every skipped mutation includes explicit reason code and human-readable reason
- TUI/CLI can list recent events with timestamps
- Reason codes follow a standardized taxonomy across git safety, sync, scheduler, and update paths
- CLI supports machine-readable audit exports (json/csv) for events/traces/stats
Multi-Source Accounts
Multiple active sources
- Configure at least two GitHub sources and two Azure sources concurrently
- Sync operations resolve the correct source credentials per repository
Personal and organization contexts
- Repositories from personal/private accounts and org/team accounts both sync successfully
Workspace and Persistence
Managed workspace layout
- Repositories are placed under deterministic provider/account/repo paths
- CLI can validate and report layout drift
Persistence separation
- Non-sensitive data persists in config file and/or local DB
- Sensitive data exists only in OS credential manager (or secure fallback)
Operational Readiness
Incident runbook coverage
- Incident procedures exist for auth failures, lock contention, and update rollback
- Troubleshooting guidance maps observed reason codes to concrete operator actions
Scheduler fairness at scale
- Given a large multi-source workspace (high repository count)
- When one full scheduler cycle runs
- Then each source receives execution opportunities without starvation
- And completion counts match configured repository distribution
Governance policy enforcement and diagnostics
- Given repository governance policies are configured
- When sync is attempted for a policy-denied repository
- Then sync is skipped with explicit
policy_*reason code and no mutation - And
syncctl doctorreports governance/source-policy drift with remediation hints
CLI/TUI parity matrix guardrail
- A machine-readable CLI/TUI parity matrix exists.
- CI fails if
syncctltop-level command groups are not represented in the matrix. - CI fails if matrix-mapped TUI palette commands are missing.
Verification Mapping
Each acceptance item is mapped to a primary automated/manual verification path for release closure.
| ID | Primary Verification | Type |
|---|---|---|
| 1 | go test ./internal/core/git/... ./internal/core/sync/... + integration dirty-repo scenarios | automated |
| 2 | go test ./internal/core/git/... + code review of git client operations | automated + manual review |
| 3 | go test ./internal/core/git/... (cleanup/branch protection tests) | automated |
| 4 | go test ./internal/core/providers/... ./internal/core/sync/... | automated |
| 5 | go test ./internal/core/sync/... ./internal/core/git/... | automated |
| 6 | go test ./internal/core/sync/... ./internal/core/git/... | automated |
| 7 | go test ./internal/core/sync/... + trace/event assertions | automated |
| 8 | go test ./internal/core/git/... + integration stale-branch flows | automated |
| 9 | go test ./internal/core/git/... | automated |
| 10 | go test ./internal/core/install/... ./tests/integration/... (linux install scripts + service tests) | automated |
| 11 | go test ./internal/core/install/... ./tests/integration/... (windows task tests) | automated |
| 12 | go test ./cmd/syncctl/... ./internal/ui/tui/... + CLI/TUI parity spot check | automated + manual |
| 13 | go test ./internal/core/providers/... ./cmd/syncctl/... | automated |
| 14 | go test ./internal/core/logging/... ./internal/core/telemetry/... + manual log inspection sample | automated + manual |
| 15 | go test ./internal/core/update/... ./cmd/syncctl/... + release artifact checks | automated |
| 16 | go test ./internal/core/update/... ./cmd/syncctl/... (rollback tests) | automated |
| 17 | go test ./internal/core/daemon/... ./cmd/syncctl/... (trace/run state tests) | automated |
| 18 | go test ./internal/core/telemetry/... ./cmd/syncctl/... ./internal/ui/tui/... | automated |
| 19 | go test ./internal/core/providers/... ./internal/core/sync/... ./tests/integration/... | automated |
| 20 | go test ./internal/core/providers/... ./tests/integration/... + org/personal source config validation | automated + manual |
| 21 | go test ./internal/core/workspace/... ./cmd/syncctl/... | automated |
| 22 | go test ./internal/core/auth/... ./internal/core/state/... + manual credential-store check on target OS | automated + manual |
| 23 | Manual runbook review in docs/operations/incident-response-playbook.md and docs/operations/service-operations-guide.md | manual |
| 24 | go test ./internal/core/daemon/... ./tests/integration/... (scale fairness tests) | automated |
| 25 | go test ./internal/core/sync/... ./cmd/syncctl/... ./tests/integration/... (policy enforcement + doctor governance diagnostics) | automated |
| 26 | go test ./tests/integration/parity/... + matrix file review | automated + manual |
Release candidate closure requires all automated checks green and all manual checks signed in docs/release/release-candidate-checklist.md.