krun.pro
 [ don’t_write_code_you_can’t_maintain ] [clean_code]
The cost of data transfer is often higher than the cost of computation.

Why 100% Test Coverage Can Mislead Developers in Kotlin & CI Pipelines

Every developer knows the thrill of a green CI pipeline. Yet passing tests can mislead developers, giving a false sense that 100% coverage guarantees correctness. Coverage only shows which lines ran—it says nothing about real-world behavior. A function may pass a thousand tests while production silently corrupts data.

The Poison of Silent Defaults

One of the most common ways passing tests mislead us is through the reckless use of default values. In Kotlin or Swift, its tempting to use the Elvis operator to fix a nullability issue. It keeps the compiler happy and makes the tests easy to write, but its a silent killer for business logic.

// The "Safe" Code that Ruins Your Data
data class Transaction(val id: String, val amount: Double?)

fun processPayment(tx: Transaction) {
    val finalAmount = tx.amount ?: 0.0
    bankApi.charge(finalAmount)
}

A unit test for this is trivial. You pass a null amount, you assert that finalAmount is 0.0, and the test turns green. You celebrate. Meanwhile, in production, a bug in the upstream service sends a null amount for a $5,000 invoice. Your system safely processes it as $0.0. No error is thrown. No alert triggers. The logs show a successful Green transaction. Youve just lost five grand because your test validated the syntax of the default value rather than the integrity of the domain rule.

A passing test that confirms a bad default is worse than no test at all. It provides a false sense of security that prevents you from implementing real validation.

The Coverage Illusion

Coverage is a structural metric, not a logical one. You can achieve 100% line coverage by running Happy Path data that never hits the dark corners of your logic. Most developers test what they expect to happen, but production is defined by what you dont expect.

Consider a simple discount calculator. You might have tests for VIP users, regular users, and guest users. All lines are covered. But what happens if the userType is an empty string? What if the price is negative due to a rounding error elsewhere? If those scenarios arent in your test suite, your 100% coverage is a vanity metric. You are essentially driving a car with a speedometer that works perfectly but a steering wheel that isnt connected to the wheels.

// Coverage: 100% | Reality: Broken
fun applyDiscount(price: Double, code: String?): Double {
    return if (code == "SUMMER24") price * 0.8 else price
}

@Test
fun testDiscount() {
    assertEquals(80.0, applyDiscount(100.0, "SUMMER24"))
    assertEquals(100.0, applyDiscount(100.0, "WINTER"))
}

The tests above cover every branch. But they miss the fact that code could be summer24 (lowercase), or that price could be 0. The developer sees the green badge and moves on, leaving a pile of edge-case landmines for the next on-call engineer to step on. Real testing requires boundary analysis, not just line execution.

We need to stop asking is this line covered? and start asking what happens if this input is total garbage? Only then does the green build actually mean something.

The Mocking Circus: Testing in a Sandbox Reality

Mocking is the ultimate double-edged sword. Done right, it isolates logic. Done wrong—which is 90% of the time—it creates a hallucination layer. You arent testing your code; youre testing your assumptions about how other code works. If your assumption is wrong, your test is a green lie. We spend hours configuring whenever(api.call()).thenReturn(data), building a perfect little world where the network never fails, the database is always fast, JSON schema never changes.

The danger here is Structural Over-specification. You end up testing the implementation instead of the behavior. If you refactor a function to use a different internal service but the output remains the same, your tests should stay green. If they break because a specific mock wasnt called twice with these exact arguments, you arent writing safety nets—youre writing overhead.

// Brittle, Useless Mocking
@Test
fun testUpdateUser() {
    val repo = mock<UserRepository>()
    val service = UserService(repo)
    
    service.updateEmail("1", "new@mail.com")
    
    // This only checks if the method was called. 
    // It doesn't check if the data was actually valid or saved correctly.
    verify(repo).save(any()) 
}

In production, repo.save() might throw a ConstraintViolationException because the email is already taken. Your mock doesnt care. It happily reports Verified! while the real-world system crashes. Over-mocking hides the Contractual Failures between modules. Youve tested the plumbing, but you havent checked if the water is toxic.

The Integration Void

Unit tests are cheap and fast, which is why managers love them. But they rarely catch the bugs that actually take down a system. The Integration Void is the space between two perfectly tested units where the logic falls apart. You have a Service A that returns a non-null object and a Service B that expects that object. Both have 100% coverage.

Then comes the real world: Service A encounters a timeout and returns null (or an empty object) because someone put a try-catch block around the network call just in case. Service B receives this unexpected state and explodes. Because you mocked the interaction between them in your unit tests, you never saw the explosion coming. You traded System Reliability for Development Speed.

Concurrency Hazards: The Coroutine Trap

In modern Kotlin development, concurrency biggest source of invisible bugs. Coroutines are elegant, but they are a nightmare for standard unit testing. Most developers use runBlocking or TestScope force asynchronous code into a synchronous flow. This makes the tests pass, but it completely ignores Race Conditions and Side Effects.

// The "Passes in Tests, Dies in Load" Pattern
fun syncData() = CoroutineScope(Dispatchers.IO).launch {
    val data = fetchData() // Long running
    saveToDb(data)
}

In a unit test, fetchData() returns instantly. In production, it takes 2 seconds. If the user navigates away or triggers the action again, you end up with multiple jobs writing to the DB simultaneously, or a JobCancellationException that bubbles up and kills the entire app process. Your green test didnt catch this because it wasnt running in a multi-threaded, high-latency environment.

Testing concurrency requires more than just assertEquals. It requires Stress Testing and State Monitoring. If your test suite doesnt simulate What happens if this takes 10 seconds? or What happens if the user cancels halfway through?, then you arent testing your code—youre just hoping for the best.

Beyond Assertions: Testing for Reality

If you want to stop shipping bugs that passed all tests, you have to stop testing for what you want to happen. Most test suites are just a series of Happy Path stories. To actually break your code before a user does, you need to use tools that dont care about your feelings or your clean architecture.

The Chaos of Property-Based Testing

Standard testing is predictable: you give 2 and 2, you expect 4. But production is a drunk user typing emojis into a credit card field. This is where Property-Based Testing (PBT) comes in. Instead of picking specific values, you define a rule (a property) and let the engine throw 10,000 random, degenerate, and borderline impossible inputs at your function.

// Property: Discount never makes the price negative
checkAll(Arb.double(), Arb.string()) { price, code ->
    val result = applyDiscount(price, code)
    result >= 0.0 // This will catch NaN, Infinity, and negative inputs you forgot
}

If your code survives 10,000 rounds of random garbage, it might actually survive a week in production. If it fails on input -1.234E-158, youve just found a bug that would have stayed hidden for years in a regular unit test suite.

Mutation Testing: Testing the Tests

The ultimate bullshit detector for your test suite is Mutation Testing. Its simple: a tool goes into your source code and intentionally breaks it. It changes > to <, + to -, or deletes a line entirely. Then it runs your tests.

If your tests still pass after the code was sabotaged, your tests are useless. They arent actually asserting anything meaningful about that logic. They are just touching the lines to make the coverage report look pretty. If your 100% Coverage suite doesnt fail when the logic is inverted, youre flying blind with a broken radar.

Weaponizing Your CI: Mutation Testing with Pitest

If you want to stop guessing whether your tests actually work, you need to automate the sabotage. For Kotlin projects, Pitest is the gold standard. It hooks into your Gradle build and systematically injects faults—mutants—into your bytecode. If your test suite doesnt scream (fail), the mutant survives, and youve just exposed a gap in your safety net.

// build.gradle.kts - The "Truth" Configuration
plugins {
    id("org.pitest.pitest") version "1.15.0"
}

pitest {
    targetClasses.set(listOf("com.krun.dev.service.*")) // Target your logic
    pitestVersion.set("1.15.0")
    threads.set(4)
    outputFormats.set(listOf("HTML", "XML"))
    timestampedReports.set(false)
    mutationThreshold.set(85) // CI fails if < 85% of mutants are killed
}

Integrating this into a GitHub Actions pipeline transforms a Green Build from a suggestion into a contract. Instead of just running ./gradlew test, you execute ./gradlew pitest.

# .github/workflows/ci.yml
- name: Run Mutation Tests
  run: ./gradlew pitest
- name: Check Mutation Threshold
  run: |
    # If Pitest finds that tests are blind to logic changes,
    # the pipeline must die here.
    if [ $? -ne 0 ]; then echo "Mutation score too low!"; exit 1; fi

Warning: Mutation testing is computationally expensive. Dont run it on every small commit. Trigger it on Pull Requests to the main branch. Its better to wait 5 extra minutes for a build than to spend 5 hours debugging a production disaster that your 100% coverage report missed. This is the difference between playing at DevOps and actually protecting your data.

Expert Conclusion: The Dont Trust, Verify Mindset

Lets be real: no amount of testing will make your code 100% bug-free. The goal isnt perfection; its predictability. A Green Build is just the starting line, not the finish. To build systems that dont crumble at 3 AM, you need to shift your mindset from Does it pass? to How does it fail?

  • Kill the Defaults: Stop using ?: 0.0 to hide nulls. If a value is missing and it shouldnt be, throw an exception. Fail fast, fail loud. A crash in the logs is better than a silent corruption in the database.
  • Test Behavior, Not Structure: If you change a private method and ten tests break, your tests are too coupled to the how instead of the what. Focus on the output, not the internal wiring.
  • Integration is Everything: Units are easy. Systems are hard. Invest more in integration tests that use real (or containerized) databases and real network calls. Mocks dont have latency; real life does.
  • Observability > Testing: Since tests will fail you, make sure you can see the failure happening in real-time. Logging, tracing, and metrics are your last line of defense when the Green Build inevitably hits a scenario you didnt imagine.

The bottom line: High coverage is a side effect of good testing, not the goal. If youre chasing a percentage, youre playing a game of numbers. If youre chasing edge cases, failures, and impossible states, youre actually doing engineering. Stop trusting the green light and start questioning why its green in the first place.

 

Written by: