Files
Noah Thornton d12d64d488 Change PR build to generate coverage and comment it (#1474)
This extends the github actions to by default run the coverage
generation targets. The targets will generate the coverage artifacts,
which will then be used by a seprate github action to comment on the PR
the coverage numbers.

This is a sanity check for testing information for new features and
refactors alike. It will allow reviewers to quickly identify if there
are major issues with new tests, or large changes to coverage percentage
that indicate a problem.
2026-05-04 11:10:02 -07:00

54 lines
1.6 KiB
YAML

name: container project - PR build
permissions:
contents: read
on:
pull_request:
types: [opened, reopened, synchronize]
jobs:
verify-signatures:
name: Verify commit signatures
runs-on: ubuntu-latest
steps:
- name: Check all commits are signed
env:
GH_TOKEN: ${{ github.token }}
REPO: ${{ github.repository }}
PR_NUMBER: ${{ github.event.pull_request.number }}
run: |
commits=$(gh api "repos/${REPO}/pulls/${PR_NUMBER}/commits" --paginate)
unsigned_commits=""
while IFS='|' read -r sha author verified; do
if [ "$verified" != "true" ]; then
unsigned_commits="$unsigned_commits - $sha by $author\n"
fi
done < <(echo "$commits" | jq -r '.[] | "\(.sha)|\(.commit.author.name)|\(.commit.verification.verified)"')
if [ -n "$unsigned_commits" ]; then
echo "::error::The following commits are not signed:"
echo -e "$unsigned_commits"
echo ""
echo "Please sign your commits. See:"
echo " - https://github.com/apple/containerization/blob/main/CONTRIBUTING.md#pull-requests"
echo " - https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits"
exit 1
fi
echo "All commits are signed!"
build:
name: Invoke build
uses: ./.github/workflows/common.yml
with:
release: false
coverage: true
pr_number: ${{ github.event.pull_request.number }}
secrets: inherit
permissions:
contents: read
packages: read
pages: write