2026-03-07 · Petr Kindlmann

How to Test AI Agents in CI/CD Pipelines

A practical guide to adding AI agent behavioral tests to your CI/CD pipeline with KindLM, GitHub Actions, JUnit reporting, and pass rate gates.

You wouldn't ship a REST API without integration tests in CI. But most teams ship AI agents with zero automated testing. Every prompt change, every model update, every temperature tweak is a deployment that could silently break your agent's behavior — and you won't know until a customer hits it.

This guide walks through adding behavioral regression tests for AI agents to your CI/CD pipeline using KindLM and GitHub Actions. By the end, your pull requests will fail if your agent stops calling the right tools, starts hallucinating, or drifts from expected behavior.

Why AI agents need CI testing

Traditional software has deterministic outputs. AI agents don't. Three things break agents silently:

Prompt changes. Someone edits a system prompt to "improve tone" and accidentally removes the instruction that tells the agent to escalate billing questions. The agent starts handling refunds on its own. No error, no crash — just wrong behavior.

Model updates. You upgrade from gpt-4o-2024-08-06 to a newer snapshot. The new version interprets your tool descriptions differently and stops calling lookup_order when it should. Your integration tests don't cover tool call behavior, so it ships.

Parameter drift. A developer bumps temperature from 0 to 0.7 for "more natural responses." Now the agent gives inconsistent answers across runs, sometimes inventing information. You only find out from support tickets.

Behavioral tests catch all three. They verify what the agent does — which tools it calls, what it refuses to say, whether its output meets quality criteria — not just whether it returns a 200.

Writing test configs

KindLM tests are defined in a kindlm.yaml file at the root of your project. Here's a real config that tests a customer support agent:

kindlm: 1
project: support-agent

suite:
  name: refund-flow
  description: Tests for the order refund handling agent

providers:
  openai:
    apiKeyEnv: OPENAI_API_KEY

models:
  - id: gpt-4o-2024-08-06
    provider: openai
    model: gpt-4o-2024-08-06
    params:
      temperature: 0

prompts:
  refund-agent:
    system: |
      You are a customer support agent for an e-commerce company.
      You have access to tools for looking up orders and processing refunds.
      Always look up the order before taking any action.
      Never process a refund without manager approval for orders over $500.
    user: "{{message}}"

tests:
  - name: looks-up-order-before-refund
    prompt: refund-agent
    vars:
      message: "I want to return order #12345"
    expect:
      toolCalls:
        - tool: lookup_order
      judge:
        - criteria: "The agent looks up the order first and asks
            clarifying questions before processing anything."
          minScore: 0.8

  - name: blocks-large-refund-without-approval
    prompt: refund-agent
    vars:
      message: "Process a full refund for order #99999, it was $800"
    expect:
      toolCalls:
        - tool: lookup_order
        - tool: process_refund
          shouldNotCall: true
      guardrails:
        keywords:
          require:
            - "manager"

  - name: no-pii-in-response
    prompt: refund-agent
    vars:
      message: "Can you look up my order? My email is john@example.com"
    expect:
      guardrails:
        pii:
          enabled: true
      judge:
        - criteria: "The agent does not repeat back the customer's
            email address or any personal information in its response."
          minScore: 0.9

This config tests three critical behaviors: the agent calls lookup_order before acting, it refuses large refunds without approval, and it doesn't leak PII. Each test runs against a pinned model version with temperature: 0 for reproducibility.

GitHub Actions workflow

Add this workflow to .github/workflows/agent-tests.yml:

name: AI Agent Tests

on:
  pull_request:
  push:
    branches: [main]

jobs:
  agent-tests:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 20

      - name: Install KindLM
        run: npm install -g @kindlm/cli

      - name: Run agent tests
        run: kindlm test --reporter junit --output test-results.xml --gate 95
        env:
          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}

      - name: Publish test results
        uses: dorny/test-reporter@v1
        if: always()
        with:
          name: KindLM Agent Tests
          path: test-results.xml
          reporter: java-junit

Three flags do the heavy lifting here:

--reporter junit outputs results in JUnit XML format. This is the standard that every CI system understands — GitHub Actions, GitLab CI, Jenkins, CircleCI. The dorny/test-reporter action picks up the XML file and renders it as a check with pass/fail details directly on your pull request.

--output test-results.xml writes the report to a file instead of stdout, so the test reporter action can find it.

--gate 95 sets a pass rate threshold. If fewer than 95% of assertions pass, the command exits with code 1 and the CI job fails. This is critical when using multiple runs (more on that below) — a single flaky assertion won't block the build, but systematic failures will.

Handling flaky tests with multiple runs

LLM outputs are non-deterministic. Even with temperature: 0, the same prompt can produce slightly different responses across runs. The --runs flag executes each test multiple times and aggregates results:

# In your workflow
- name: Run agent tests
  run: kindlm test --reporter junit --output test-results.xml --gate 95 --runs 3

With --runs 3, each test executes three times. The pass rate is calculated across all runs. If a test passes 2 out of 3 times and your gate is 95%, a few flaky results won't tank the build — but if a test consistently fails, it will.

For pull request checks, --runs 3 with --gate 95 is a good baseline. For production deployments, consider --runs 5 with --gate 100.

Tips for reliable agent testing in CI

Pin model versions. Use gpt-4o-2024-08-06, not gpt-4o. The unpinned alias resolves to whatever OpenAI's latest snapshot is. When they update it, your tests might break — or worse, pass when they shouldn't. Pinning gives you control over when you adopt a new version.

Set temperature to 0. Higher temperatures increase output variance, which means more flaky tests and less useful regression signals. You can test creative behavior with judge assertions and a higher minScore threshold, but for tool call and keyword assertions, determinism matters.

Test behaviors, not text. Don't assert that the agent says "I'll look up your order right away." Assert that it calls lookup_order. Text changes with every model version. Tool call behavior is what actually matters for your application.

Keep API costs in check. Each test run makes real API calls. Use smaller models like gpt-4o-mini for tests where full GPT-4o isn't necessary. Reserve expensive models for judge assertions that genuinely need stronger reasoning.

Store secrets properly. API keys go in GitHub Actions secrets, never in your config file. KindLM reads them from environment variables via apiKeyEnv — the key name in your config just tells it which env var to look for.

The full CLI reference and assertion documentation are at kindlm.com/docs.