ci: add coverage check workflow#6582
Conversation
| if-no-files-found: error | ||
|
|
||
| upload-base-coverage: | ||
| name: Upload Base Coverage to Codecov |
There was a problem hiding this comment.
Base coverage should be queried first, and regenerated only if coverage for a corresponding commit is not found. This improves efficiency.
There was a problem hiding this comment.
Let’s clarify the roles of the two secrets that only access in tronprotocol environment:
secrets.CODECOV_TOKEN: used to upload coverage artifactssecrets.CODECOV_API_TOKEN: used to query coverage reports
Due to GitHub’s permission restrictions, secrets.CODECOV_API_TOKEN is not available in forked pull requests, which prevents querying the base repository’s coverage first.
In addition, the maintainers of java-tron have not configured secrets.CODECOV_API_TOKEN; only the upload token (secrets.CODECOV_TOKEN) is set.
There was a problem hiding this comment.
Agree with @bladehan1 — running a full build + test on every push to develop is expensive. Consider querying Codecov API first to check if coverage for this commit already exists, and skip the build if it does. This could save significant CI minutes, especially on active branches with frequent merges.
There was a problem hiding this comment.
The Codecov API was evaluated and validated during the initial design phase. But, the maintainers of java-tron refuse to configure secrets.CODECOV_API_TOKEN. Therefore, the procedure has to be changed and seems to be quite complex. Actually, push operations (mainly include merge operation) to develop are not very frequent, so it may be acceptable.
| @@ -0,0 +1,58 @@ | |||
| name: Coverage Build | |||
There was a problem hiding this comment.
It is recommended to merge the PR code coverage workflow files.
There was a problem hiding this comment.
Codecov Upload & Compare runs in tron-protocol environment triggered by another workflow, but Coverage Build can only runs in user' environment.
| timeout-minutes: 70 | ||
|
|
||
| steps: | ||
| - name: Wait for codecov/project status |
There was a problem hiding this comment.
After uploading the coverage event, check whether it was successful.
There was a problem hiding this comment.
Workflow Codecov Upload & Compare replies on Coverage Build. If we merge Coverage Build and Waiting Coverage project, Codecov Upload & Compare can never be triggered.
There was a problem hiding this comment.
The polling approach occupies a runner for up to 60 minutes just to check a status. Consider using workflow_run event to react to the Codecov upload completion instead of active polling, which would free up the runner slot. If polling is necessary (e.g., Codecov doesn't trigger workflow events), consider reducing intervalMs to 60s and maxAttempts to 30 (30 min total) — Codecov usually reports within 10-15 minutes.
There was a problem hiding this comment.
The purpose of introducing a waiting job is to ensure developers are clearly notified: a PR must not be merged unless the Codecov report is available.
Without this waiting mechanism when ci starts, all CI checks may appear green when Codecov report is generating, which can mislead developers into thinking that all validations have passed successfully prematurely.
The waiting time is set to 70 minutes for the following reasons:
- The Codecov report depends on the completion of the
Coverage Buildjob. - The
Coverage Buildjob is configured with a maximum runtime of 60 minutes. - Therefore, the waiting job must exceed this duration.
Why does the Coverage Build job require up to 60 minutes? In practice, its execution time is highly variable, typically ranging from 18 to 40 minutes depending on current load of runner, and can occasionally be longer.
If the waiting time is set too short, it may fail prematurely, before the Codecov report is generated.
vividctrlalt
left a comment
vividctrlalt
left a comment
There was a problem hiding this comment.
Minor: several new files are missing a trailing newline (pr-cancel.yml, coverage-waiting.yml, codecov.yml). Not functional, but violates POSIX convention and may cause noisy diffs when lines are appended later.
vividctrlalt
left a comment
vividctrlalt
left a comment
There was a problem hiding this comment.
pr-build.yml runs independently without depending on pr-lint or checkstyle from pr-check.yml. In the previous setup, build jobs had needs: [pr-lint, checkstyle] so they'd skip if lint failed. Now that builds are in a separate workflow, a PR with lint errors will still trigger all platform builds, wasting CI resources. Consider adding a lightweight lint check step or using workflow_run to gate builds on pr-check success.
Good suggestion, append trailing newline to 3 files. |
|
7 participants
Summary
This PR improves the CI pipeline by adding a complete coverage reporting workflow and reorganizing PR checks.
Changes
developandrelease_*branchescodecov.ymlconfiguration for project coverage checksCoverage Check Sequence Diagram(s)
sequenceDiagram participant GH as GitHub (PR Event) participant CGB as Coverage Build<br/>(PR Gen Artifact) participant AS as Artifact Storage participant CUP as Codecov Upload<br/>(PR Upload) participant CV as Codecov API participant CPW as Coverage Project<br/>(Waiting) GH->>CGB: Trigger on PR to develop/<br/>release_* CGB->>CGB: Checkout, setup JDK 8,<br/>build project CGB->>CGB: Generate JaCoCo<br/>reports CGB->>AS: Upload jacoco-coverage<br/>artifact CGB-->>CUP: Workflow complete signal CUP->>AS: Download jacoco-coverage<br/>artifact CUP->>GH: Fetch PR details<br/>(PR number, SHA, branch) CUP->>CV: Upload coverage data<br/>with PR context CV-->>CUP: Coverage upload<br/>acknowledged CPW->>CV: Poll codecov/project<br/>status (every 30s) CV-->>CPW: Return status<br/>(pending/success/failure) CPW->>CPW: Check legacy commit<br/>statuses & check-runs alt Status Success CPW-->>GH: Job succeeds else Status Failure CPW-->>GH: Job fails else Still Pending CPW->>CPW: Wait 30s,<br/>retry (max 120x) endNotes
The coverage comparison report only take effect starting from the next PR.