feat: move-diff-logic-within-the-plugin #6
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: pr-code-coverage | |
| # Dogfoods this plugin on its own PRs: builds the plugin image from the PR | |
| # source, computes coverage for only the lines changed in the PR, and posts a | |
| # summary comment on the PR. | |
| on: | |
| pull_request: | |
| permissions: | |
| contents: read | |
| pull-requests: write # required so the plugin can post the coverage comment | |
| jobs: | |
| coverage: | |
| runs-on: ubuntu-latest | |
| # Runs on fork PRs too. Fork PRs only get a read-only GITHUB_TOKEN and no | |
| # secrets, so the plugin can't post the PR comment there — it just prints | |
| # coverage to the job log (the reporter no-ops the comment when the token / | |
| # PR context is missing). | |
| steps: | |
| - name: Check out the repo | |
| uses: actions/checkout@v4 | |
| # No fetch-depth needed: the plugin now fetches the PR diff from the | |
| # GitHub API (PARAMETER_DIFF_SOURCE=github), so we don't diff against the | |
| # base branch locally. Checkout is only here to build the image and run | |
| # the tests that produce the coverage report. | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.26.3 | |
| - name: Generate coverage profile | |
| run: go test -coverpkg=./... -coverprofile=coverage.txt ./... | |
| - name: Convert coverage to cobertura | |
| # go run leaves no installed binary; boumenot emits <source> as the | |
| # absolute build dir (== github.workspace) and class filenames relative | |
| # to the module root, which is what PARAMETER_SOURCE_DIRS matches against. | |
| run: go run github.com/boumenot/gocover-cobertura@v1.5.0 < coverage.txt > coverage.xml | |
| - name: Build plugin image | |
| # The published :latest image predates the public-github.com base-URL fix, | |
| # so build from the PR source to test the exact code under review. | |
| run: docker build -t pr-code-coverage:ci . | |
| - name: Report coverage on changed lines | |
| # On fork PRs the GITHUB_TOKEN is read-only: the plugin can read the diff | |
| # but the PR-comment POST gets a 403 and errors. Tolerate that on forks so | |
| # the run still goes green with coverage printed to the log; same-repo PRs | |
| # keep failing loudly on real errors. | |
| continue-on-error: ${{ github.event.pull_request.head.repo.full_name != github.repository }} | |
| env: | |
| # Fetch the PR diff straight from the GitHub API instead of piping in a | |
| # local `git diff`. Note the API diff covers ALL changed files, not just | |
| # *.go, so non-Go edits (yml/md) show up as "untracked changed lines". | |
| PARAMETER_DIFF_SOURCE: github | |
| PARAMETER_COVERAGE_TYPE: cobertura | |
| PARAMETER_COVERAGE_FILE: coverage.xml | |
| # Must equal the cobertura <source> path (the dir go test ran in). | |
| PARAMETER_SOURCE_DIRS: ${{ github.workspace }} | |
| # Omit PARAMETER_GH_API_BASE_URL -> defaults to https://api.github.com. | |
| PARAMETER_GH_API_KEY: ${{ secrets.GITHUB_TOKEN }} | |
| BUILD_PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number }} | |
| REPOSITORY_ORG: ${{ github.repository_owner }} | |
| REPOSITORY_NAME: ${{ github.event.repository.name }} | |
| # The container still mounts the workspace so it can read coverage.xml; | |
| # the diff no longer comes from stdin, so `-i` and the pipe are gone. | |
| run: | | |
| docker run --rm \ | |
| -e PARAMETER_DIFF_SOURCE \ | |
| -e PARAMETER_COVERAGE_TYPE \ | |
| -e PARAMETER_COVERAGE_FILE \ | |
| -e PARAMETER_SOURCE_DIRS \ | |
| -e PARAMETER_GH_API_KEY \ | |
| -e BUILD_PULL_REQUEST_NUMBER \ | |
| -e REPOSITORY_ORG \ | |
| -e REPOSITORY_NAME \ | |
| -v "${{ github.workspace }}:${{ github.workspace }}" \ | |
| -w "${{ github.workspace }}" \ | |
| pr-code-coverage:ci |