ci: enable coverage reporting with artifact upload and PR summary

[kaviththiranga]

• Switch from yarn test to yarn test:all (with --coverage)
• Upload coverage/ as downloadable artifact (14-day retention)
• Add coverage summary to GitHub Actions step summary on PRs
• Add pull-requests: write permission for PR interactions

Current Coverage: 19% line coverage across the entire codebase (22,539 lines found, 4,313 hit). That's our
baseline to improve from.

Summary by CodeRabbit

• Chores
  • CI permissions updated to grant additional workflow write access for pull-request operations.
  • Test job now runs the full test suite during CI.
  • Test coverage is uploaded as an artifact after runs, and a coverage summary is appended to pull request summaries to surface line coverage metrics.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 9f9114c0-4750-489d-8404-4f5b66e2c8bf

📥 Commits

Reviewing files that changed from the base of the PR and between 1b28d3c and 3c71a8d.

📒 Files selected for processing (1)

• .github/workflows/build-and-test.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/build-and-test.yml

---

📝 Walkthrough

Walkthrough

The workflow updates GitHub Actions: grants pull-requests: write, changes the test step to yarn test:all, uploads coverage/ as an artifact (always), and on pull requests appends a parsed line-coverage summary from coverage/lcov.info to $GITHUB_STEP_SUMMARY.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow ​.github/workflows/build-and-test.yml	Added pull-requests: write permission. Changed test command from yarn test to yarn test:all. Added artifact upload of coverage/ with if: always(). Added a PR-only step that parses coverage/lcov.info (counts DA: entries and computes line coverage) and appends a coverage table or “No coverage data found.” to $GITHUB_STEP_SUMMARY.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 I hopped through CI with a jaunty trot,

tests ran wider, coverage I brought.
Artifacts saved for a careful peep,
PRs now whisper the metrics they keep.
Thump-thump! rejoice — the pipeline's got hop.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description covers the key technical changes but lacks adherence to the repository's detailed template structure, missing sections like Purpose, Goals, Approach, User stories, Release notes, and other required documentation.	Expand the description to follow the template structure: add Purpose section with related issues, Goals section explaining the benefits, Approach section, Release notes for users, and complete other applicable sections like Security checks.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main changes: enabling coverage reporting with artifact upload and PR summary, which aligns directly with the modifications made to the CI workflow.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

.github/workflows/build-and-test.yml (2)

17-19: Consider scoping pull-requests: write to the test job only, or removing if not needed.

The $GITHUB_STEP_SUMMARY feature doesn't require pull-requests: write permission—it works with default workflow permissions. This permission is typically needed for posting PR comments, adding labels, or creating reviews.

If you plan to add PR commenting in the future, scope this permission to the test job rather than workflow-level to follow least-privilege principles:

test:
  name: Tests
  permissions:
    pull-requests: write

If no PR commenting is planned, consider removing this permission entirely.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/build-and-test.yml around lines 17 - 19, The workflow
currently grants workspace-wide pull-requests: write permission which is
unnecessary for $GITHUB_STEP_SUMMARY and violates least-privilege; remove the
top-level pull-requests: write entry or move it into the test job only by adding
a permissions block under the test job (job name "test") with pull-requests:
write if you actually need PR write actions later; otherwise delete the
pull-requests: write line from the workflow-level permissions to keep default
minimal permissions.

---

103-120: Improve robustness of lcov parsing when coverage file is missing.

When coverage/lcov.info doesn't exist, the grep commands will output errors to stderr before falling back to 0. This clutters the logs. Additionally, this step won't run if tests fail (unlike the artifact upload which uses if: always()).

♻️ Suggested improvements

       - name: Coverage summary on PR
-        if: github.event_name == 'pull_request'
+        if: github.event_name == 'pull_request' && always()
         run: |
           echo "## Test Coverage Report" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
+          if [ ! -f coverage/lcov.info ]; then
+            echo "No coverage data found." >> $GITHUB_STEP_SUMMARY
+            exit 0
+          fi
           # Parse lcov.info for summary
-          LINES_FOUND=$(grep -c "^DA:" coverage/lcov.info || echo 0)
-          LINES_HIT=$(grep "^DA:" coverage/lcov.info | grep -cv ",0$" || echo 0)
+          LINES_FOUND=$(grep -c "^DA:" coverage/lcov.info 2>/dev/null || echo 0)
+          LINES_HIT=$(grep "^DA:" coverage/lcov.info 2>/dev/null | grep -cv ",0$" || echo 0)
           if [ "$LINES_FOUND" -gt 0 ]; then

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/build-and-test.yml around lines 103 - 120, The "Coverage
summary on PR" step should avoid noisy grep errors and run even when tests fail:
first guard access to coverage/lcov.info (test [ -f coverage/lcov.info ]) before
running grep so LINES_FOUND/LINES_HIT are only computed when the file exists
(otherwise set them to 0), and silence grep stderr (or skip grep entirely when
file missing) to prevent error output; also change the step condition from
limiting to github.event_name == 'pull_request' to use if: always() (or combine
with pull request check) so artifacts/summary are attempted even on failing
tests. Use the existing step name "Coverage summary on PR" and variables
LINES_FOUND, LINES_HIT, COVERAGE and the path coverage/lcov.info to locate where
to apply these changes.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/build-and-test.yml:
- Around line 17-19: The workflow currently grants workspace-wide pull-requests:
write permission which is unnecessary for $GITHUB_STEP_SUMMARY and violates
least-privilege; remove the top-level pull-requests: write entry or move it into
the test job only by adding a permissions block under the test job (job name
"test") with pull-requests: write if you actually need PR write actions later;
otherwise delete the pull-requests: write line from the workflow-level
permissions to keep default minimal permissions.
- Around line 103-120: The "Coverage summary on PR" step should avoid noisy grep
errors and run even when tests fail: first guard access to coverage/lcov.info
(test [ -f coverage/lcov.info ]) before running grep so LINES_FOUND/LINES_HIT
are only computed when the file exists (otherwise set them to 0), and silence
grep stderr (or skip grep entirely when file missing) to prevent error output;
also change the step condition from limiting to github.event_name ==
'pull_request' to use if: always() (or combine with pull request check) so
artifacts/summary are attempted even on failing tests. Use the existing step
name "Coverage summary on PR" and variables LINES_FOUND, LINES_HIT, COVERAGE and
the path coverage/lcov.info to locate where to apply these changes.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d8f6a53f-d865-4ef3-b8ef-445befae9b72

📥 Commits

Reviewing files that changed from the base of the PR and between f147d7d and 1b28d3c.

📒 Files selected for processing (1)

• .github/workflows/build-and-test.yml