test: hermeticize env-sensitive inference and gateway tests

[DIZ-admin]

Summary

• isolate inference/provider tests from live base-url environment leakage
• make provider discovery assertion resilient to bundled profile growth
• hermeticize gateway systemd unit tests against root autodetection in the local runtime

Verification

• pytest -q tests/providers/test_plugin_discovery.py::test_all_profiles_register tests/hermes_cli/test_runtime_provider_resolution.py::test_custom_provider_runtime_preserves_provider_name tests/hermes_cli/test_ollama_cloud_auth.py::TestOllamaCloudCredentials::test_ollama_api_key_used_for_ollama_endpoint tests/hermes_cli/test_gateway_service.py::TestGeneratedUnitIncludesLocalBin::test_system_unit_includes_local_bin_in_path tests/hermes_cli/test_gateway_service.py::TestGeneratedSystemdUnits::test_system_unit_avoids_recursive_execstop_and_uses_extended_stop_timeout

Notes

• keeps the PR scope limited to targeted test isolation fixes only
• supersedes test: hermeticize env-sensitive inference and CLI cases #2, which carried unrelated history and a polluted diff

Summary by CodeRabbit

Tests

• Improved test isolation and reliability by strengthening environment variable cleanup across the test suite to prevent configuration overrides from affecting test execution.
• Enhanced systemd unit generation tests with explicit mocking for consistent and more robust test behavior.
• Updated provider profile registry test expectations to reflect current configuration state.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR strengthens test isolation and updates provider discovery assertions across five test files. A global fixture now unsets four additional base-URL override environment variables for every test. Two systemd unit tests add monkeypatching for target-user identity and home remapping. Three provider-related tests explicitly clear environment variables before resolution. The provider discovery count expectation increases from exactly 33 to at least 34 profiles with cache clearing.

Changes

Test Environment Isolation and Assertion Updates

Layer / File(s)	Summary
Global hermetic environment fixture cleanup tests/conftest.py	The autouse fixture now unsets CUSTOM_BASE_URL, OPENROUTER_BASE_URL, OPENCODE_ZEN_BASE_URL, and OPENCODE_GO_BASE_URL for every test run to prevent provider override environment variables from affecting tests.
Systemd unit test isolation tests/hermes_cli/test_gateway_service.py	Two test methods now monkeypatch _system_service_identity and _hermes_home_for_target_user before generating systemd units to ensure target-user identity and home remapping are controlled during testing.
Provider resolution test cleanup tests/hermes_cli/test_ollama_cloud_auth.py, tests/hermes_cli/test_runtime_provider_resolution.py	Tests now explicitly unset CUSTOM_BASE_URL and OPENROUTER_BASE_URL environment variables before invoking provider resolution to isolate behavioral scenarios.
Provider discovery assertion updates tests/providers/test_plugin_discovery.py	The provider profile count assertion is updated from exactly 33 to at least 34 profiles, with added cache clearing and expanded failure reporting of profile names.

🎯 2 (Simple) | ⏱️ ~10 minutes

🐰 Environment vars now stand so tall,
Each test gets a clean hermetic hall,
Systemd patches keep homes in place,
Thirty-four profiles join the race!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 71.43% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: improving test isolation and environment handling across inference, gateway, and provider tests by unsetting environment variables.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/hermetic-inference-tests-pr-clean

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/providers/test_plugin_discovery.py`:
- Around line 57-59: Replace the fragile count assertion on
names/expected_min_profiles in tests/providers/test_plugin_discovery.py with
invariant checks: assert that a set of required canonical provider names (e.g.,
the known core providers) are present in names, assert that len(names) ==
len(set(names)) to guarantee uniqueness, and validate structural shape of each
discovered profile (e.g., required keys/attributes and non-empty strings) using
the same variable names (names, profiles/discovered profiles) and the test
helper(s) that parse/produce profiles so the test fails only on real invariants
rather than enumeration counts.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 3ad55d5e-4b68-450e-9dfe-59e94e949bf8

📥 Commits

Reviewing files that changed from the base of the PR and between 8ef0a6e and 7ee5940.

📒 Files selected for processing (5)

• tests/conftest.py
• tests/hermes_cli/test_gateway_service.py
• tests/hermes_cli/test_ollama_cloud_auth.py
• tests/hermes_cli/test_runtime_provider_resolution.py
• tests/providers/test_plugin_discovery.py

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Replace the profile-count assertion with invariants.

Line 57 still enforces an enumeration count (>= 34), which is a change-detector and will create churn as bundled profiles evolve. Prefer invariants (e.g., required canonical providers exist, names are unique, and discovered profiles are structurally valid).

Suggested change

-    expected_min_profiles = 34
-    assert len(names) >= expected_min_profiles, (
-        f"Expected at least {expected_min_profiles} profiles, got {len(names)}: {names}"
-    )
+    assert names, "No provider profiles were discovered"
+    assert len(names) == len(set(names)), f"Duplicate profile names detected: {names}"

As per coding guidelines, "DO NOT write change-detector tests (fail whenever expected-to-change data updates: ... enumeration counts ...); ... write invariant tests instead."

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/providers/test_plugin_discovery.py` around lines 57 - 59, Replace the
fragile count assertion on names/expected_min_profiles in
tests/providers/test_plugin_discovery.py with invariant checks: assert that a
set of required canonical provider names (e.g., the known core providers) are
present in names, assert that len(names) == len(set(names)) to guarantee
uniqueness, and validate structural shape of each discovered profile (e.g.,
required keys/attributes and non-empty strings) using the same variable names
(names, profiles/discovered profiles) and the test helper(s) that parse/produce
profiles so the test fails only on real invariants rather than enumeration
counts.