-
Notifications
You must be signed in to change notification settings - Fork 49
Add GitHub coverage reporting workflow #702
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from 1 commit
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -0,0 +1,114 @@ | ||||||
| # SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved. | ||||||
| # SPDX-License-Identifier: Apache-2.0 | ||||||
|
|
||||||
| name: Coverage | ||||||
|
|
||||||
| on: | ||||||
| push: | ||||||
| branches: [ main, 'release/*.*.x' ] | ||||||
| pull_request: | ||||||
| workflow_dispatch: | ||||||
|
|
||||||
| # For PRs, cancel superseded coverage runs. For main/release pushes, let each | ||||||
| # published signal complete. | ||||||
| concurrency: | ||||||
| group: ${{ github.workflow }}-${{ github.ref }} | ||||||
| cancel-in-progress: ${{ github.event_name == 'pull_request' }} | ||||||
|
|
||||||
| jobs: | ||||||
| ctest-coverage-ubuntu: | ||||||
| name: CTest coverage (Ubuntu) | ||||||
| runs-on: ubuntu-22.04 | ||||||
| permissions: | ||||||
| contents: read | ||||||
| timeout-minutes: 45 | ||||||
|
|
||||||
| steps: | ||||||
| - name: Checkout code | ||||||
| uses: actions/checkout@v6 | ||||||
| with: | ||||||
| fetch-depth: 0 | ||||||
|
|
||||||
| - name: Install uv | ||||||
| uses: ./.github/actions/setup-uv | ||||||
|
|
||||||
| - name: Install Apt dependencies | ||||||
| run: | | ||||||
| sudo apt-get update | ||||||
| sudo apt-get install -y build-essential cmake ninja-build ccache gcovr clang-format-14 \ | ||||||
| libx11-dev libvulkan-dev glslang-tools libxrandr-dev libxinerama-dev libxcursor-dev \ | ||||||
| libxi-dev libxext-dev libxkbcommon-dev libwayland-dev wayland-protocols \ | ||||||
| autoconf automake libtool pkg-config libudev-dev | ||||||
|
|
||||||
| - name: Configure coverage build | ||||||
| run: | | ||||||
| set -euo pipefail | ||||||
| cmake -S . -B build-coverage -G Ninja \ | ||||||
| -DCMAKE_BUILD_TYPE=Debug \ | ||||||
| -DISAAC_TELEOP_PYTHON_VERSION=3.11 \ | ||||||
| -DBUILD_VIZ=OFF \ | ||||||
| -DBUILD_PLUGINS=OFF \ | ||||||
| -DBUILD_EXAMPLES=OFF \ | ||||||
| -DBUNDLE_ROBOTIC_GROUNDING=OFF \ | ||||||
| -DENABLE_CLOUDXR_BUNDLE_CHECK=OFF \ | ||||||
| -DENABLE_CLANG_FORMAT_CHECK=OFF \ | ||||||
| -DCMAKE_C_COMPILER_LAUNCHER=ccache \ | ||||||
| -DCMAKE_CXX_COMPILER_LAUNCHER=ccache \ | ||||||
| -DCMAKE_C_FLAGS="--coverage -O0 -g" \ | ||||||
| -DCMAKE_CXX_FLAGS="--coverage -O0 -g" \ | ||||||
| -DCMAKE_EXE_LINKER_FLAGS="--coverage" \ | ||||||
| -DCMAKE_SHARED_LINKER_FLAGS="--coverage" \ | ||||||
| -DCMAKE_MODULE_LINKER_FLAGS="--coverage" | ||||||
|
|
||||||
| - name: Build | ||||||
| run: cmake --build build-coverage --parallel 4 | ||||||
|
|
||||||
| - name: Run CTest | ||||||
| run: ctest --test-dir build-coverage --output-on-failure --parallel 4 | ||||||
|
|
||||||
| - name: Generate coverage report | ||||||
| run: | | ||||||
| set -euo pipefail | ||||||
| mkdir -p coverage/html | ||||||
|
|
||||||
| gcovr_args=( | ||||||
| --root "${GITHUB_WORKSPACE}" | ||||||
| --object-directory build-coverage/src | ||||||
| --filter "src/" | ||||||
| --exclude "src/.*/.*_tests/.*" | ||||||
| --exclude "src/.*/tests/.*" | ||||||
| --exclude "src/.*/python_tests/.*" | ||||||
| ) | ||||||
|
|
||||||
| gcovr "${gcovr_args[@]}" --txt --output coverage/summary.txt --print-summary | tee coverage/totals.txt | ||||||
| gcovr "${gcovr_args[@]}" --xml-pretty --output coverage/coverage.xml | ||||||
| gcovr "${gcovr_args[@]}" --html-details --output coverage/html/index.html | ||||||
|
|
||||||
| - name: Publish coverage summary | ||||||
| run: | | ||||||
| set -euo pipefail | ||||||
| { | ||||||
| echo "## CTest coverage" | ||||||
| echo | ||||||
| echo "Native coverage was generated from the Debug CTest build with plugins, examples, and Televiz disabled." | ||||||
| echo | ||||||
| echo "### Totals" | ||||||
| echo '```' | ||||||
| cat coverage/totals.txt | ||||||
| echo '```' | ||||||
| echo | ||||||
| echo "Download the \`isaacteleop-coverage\` artifact for the HTML report and Cobertura XML." | ||||||
| } >> "${GITHUB_STEP_SUMMARY}" | ||||||
|
|
||||||
| - name: Upload coverage artifact | ||||||
| if: ${{ always() }} | ||||||
| uses: actions/upload-artifact@v6 | ||||||
| with: | ||||||
| name: isaacteleop-coverage | ||||||
| path: | | ||||||
| coverage/summary.txt | ||||||
|
Collaborator
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. just to confirm: is this the same coverage report format that NVIDIA's internal tooling expects?
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Confirmed: the workflow generates Cobertura XML with |
||||||
| coverage/totals.txt | ||||||
| coverage/coverage.xml | ||||||
| coverage/html | ||||||
| if-no-files-found: warn | ||||||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🎯 Functional Correctness | 🟠 Major | ⚡ Quick win Fail the job when expected coverage artifacts are missing. Line 113 uses Suggested fix- if-no-files-found: warn
+ if-no-files-found: errorBased on learnings: “if the expected output files are not produced, fail the run instead of silently succeeding.” 📝 Committable suggestion
Suggested change
🤖 Prompt for AI AgentsSource: Learnings
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Fixed in 2dc9c2e: changed |
||||||
| retention-days: 14 | ||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🔒 Security & Privacy | 🟠 Major
🧩 Analysis chain
🏁 Script executed:
Repository: NVIDIA/IsaacTeleop
Length of output: 4648
🏁 Script executed:
Repository: NVIDIA/IsaacTeleop
Length of output: 4648
🏁 Script executed:
Repository: NVIDIA/IsaacTeleop
Length of output: 4648
🏁 Script executed:
Repository: NVIDIA/IsaacTeleop
Length of output: 4648
🏁 Script executed:
Repository: NVIDIA/IsaacTeleop
Length of output: 4648
🏁 Script executed:
Repository: NVIDIA/IsaacTeleop
Length of output: 4648
Pin the GitHub Actions refs to commit SHAs.
actions/checkout@v6andactions/upload-artifact@v6are mutable tag refs; lock both to immutable SHAs to reduce supply-chain risk. (Lines 28, 105)🧰 Tools
🪛 zizmor (1.26.1)
[error] 28-28: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)
(unpinned-uses)
🤖 Prompt for AI Agents
Source: Linters/SAST tools
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed in 2dc9c2e: pinned
actions/checkoutandactions/upload-artifactto the resolved v6 commit SHAs, and addedpersist-credentials: falseto checkout since this workflow does not push back to the repo.