[release-1.10] ci: upload unit test coverage to Codecov [RHIDP-13388]

.github/workflows/codecov-checks.yaml

@@ -0,0 +1,39 @@
+name: Codecov config validator
+
+on:
+  push:
+    paths:
+      - 'codecov.yml'
+      - '.github/workflows/codecov-checks.yaml'
+  pull_request:
+    paths:
+      - 'codecov.yml'
+      - '.github/workflows/codecov-checks.yaml'
+
+jobs:
+  codecov_validate:
+    runs-on: ubuntu-latest
+    env:
+      CODECOV_CONFIG_FILE: codecov.yml
+      CODECOV_VALIDATE_URL: https://codecov.io/validate
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - name: Validate codecov.yml
+        env:
+          CURL_OPTS: "--connect-timeout 10 --max-time 30 --retry 3 --retry-all-errors"
+        run: |
+          output=$(curl -s -w "\n%{http_code}" ${CURL_OPTS} --data-binary @"${CODECOV_CONFIG_FILE}" "${CODECOV_VALIDATE_URL}")
+          http_code=$(echo "$output" | tail -1)
+          body=$(echo "$output" | sed '$d')
+          echo "$body"
+          if [ "$http_code" -eq 200 ]; then
+            echo "${CODECOV_CONFIG_FILE} is valid"
+            exit 0
+          fi
+          if [ "$http_code" -eq 400 ]; then
+            echo "${CODECOV_CONFIG_FILE} is invalid (HTTP $http_code)"
+            exit 1
+          fi
+          echo "::warning ::Codecov validation endpoint returned HTTP $http_code after retries. This may be a transient issue — please re-run the job."
+          # Fail earlier on transient Codecov API issues, so we can catch the issue and eventually retry
+          exit 1

.github/workflows/nightly.yaml

@@ -30,6 +30,7 @@ jobs:
 
       - name: Set env vars
         run: |
+          echo "COMMIT_SHA=$(git rev-parse HEAD)" >> $GITHUB_ENV
           OPERATOR_MANIFEST="${{ github.workspace }}/dist/rhdh/install.yaml"
           echo "OPERATOR_MANIFEST=${OPERATOR_MANIFEST}" >> $GITHUB_ENV
           OPERATOR_IMAGE=$(curl -s "file://${OPERATOR_MANIFEST}" | yq 'select(.kind == "Deployment" and .metadata.labels.app == "rhdh-operator") | .spec.template.spec.containers[0].image')
@@ -55,21 +56,27 @@ jobs:
           rm_cmd: "rmz"
 
       - name: Setup Go
-        if: ${{ steps.operator-image-existence-checker.outputs.OPERATOR_IMAGE_EXISTS == 'true' }}
         uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
         with:
           go-version-file: 'go.mod'
 
       # gosec needs a "build" stage so connect it to the lint step which we always do
       - name: Build
-        if: ${{ steps.operator-image-existence-checker.outputs.OPERATOR_IMAGE_EXISTS == 'true' }}
         run: make lint
 
       - name: Test
-        if: ${{ steps.operator-image-existence-checker.outputs.OPERATOR_IMAGE_EXISTS == 'true' }}
-        # run this stage only if there are changes that match the includes and not the excludes
         run: make test
 
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: cover.out
+          flags: unittests,nightly
+          fail_ci_if_error: false
+          override_commit: ${{ env.COMMIT_SHA }}
+          override_branch: ${{ matrix.branch }}
+
       - name: Create Kind cluster (integration tests)
         if: ${{ steps.operator-image-existence-checker.outputs.OPERATOR_IMAGE_EXISTS == 'true' }}
         uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0

.github/workflows/pr.yaml

@@ -80,6 +80,17 @@ jobs:
         if: steps.changed-files.outputs.any_changed == 'true'
         run: make test
 
+      - name: Upload coverage to Codecov
+        if: steps.changed-files.outputs.any_changed == 'true'
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: cover.out
+          flags: unittests
+          fail_ci_if_error: false
+          override_commit: ${{ github.event.pull_request.head.sha }}
+          override_pr: ${{ github.event.number }}
+
       - name: Create Kind cluster
         if: steps.changed-files.outputs.any_changed == 'true'
         uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0

codecov.yml

@@ -0,0 +1,41 @@
+codecov:
+  require_ci_to_pass: true
+
+coverage:
+  status:
+    project:
+      default:
+        target: auto
+        threshold: 1%
+        if_ci_failed: error
+        informational: true
+    patch:
+      default:
+        target: auto
+        threshold: 5%
+        if_ci_failed: error
+        informational: true
+
+comment:
+  layout: "reach,diff,flags,files"
+  behavior: default
+  require_changes: true
+  require_base: false
+  require_head: true
+
+flag_management:
+  individual_flags:
+    - name: unittests
+      carryforward: true
+    - name: nightly
+      carryforward: true
+
+ignore:
+  - "api/**"
+  - "**/zz_generated*.go"
+  - "bundle/**"
+  - "config/**"
+  - "tests/**"
+  - "integration_tests/**"
+  - "hack/**"
+  - "cmd/main.go"