GitHub Community
-
Select Topic AreaShow & Tell BodyI am creating a Github action for go based application that can deploy coverage report on gh-pages. Below is my name: Go Coverage Report
description: |
This action runs code coverage for Go based projects, uploads the coverage report as an artifact, and comments on the pull request with the link to the deployed coverage report.
author: sonichigo
branding:
icon: 'refresh-cw'
color: 'orange'
inputs:
package-directory:
description: 'Package directory to run tests'
required: false
default: './...'
coverage-file:
description: 'Name of the coverage file (without extension)'
required: false
default: 'coverage-report'
coverage-threshold:
description: 'Minimum coverage percentage required.'
required: false
default: '80'
token:
description: 'Token with Deployment Permissions'
required: true
outputs:
coverage-report-file:
description: 'Path to the generated coverage report file'
value: ${{ steps.generate-report.outputs.report-file }}
runs:
using: 'composite'
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.22.*
- name: Generate coverage report
id: generate-report
run: |
PKG_DIR="${{ inputs.package-directory || './...' }}"
COVERAGE_FILE="${{ inputs.coverage-file || 'coverage-report' }}"
go test -race -coverprofile=$COVERAGE_FILE.out $PKG_DIR
go tool cover -html=$COVERAGE_FILE.out -o $COVERAGE_FILE.html
COVERAGE_PERCENTAGE=$(go tool cover -func=$COVERAGE_FILE.out | grep total: | awk '{print substr($3, 1, length($3)-1)}')
if (( $(echo "$COVERAGE_PERCENTAGE < ${{ inputs.coverage-threshold }}" | bc -l) )); then
echo "Error: Coverage $COVERAGE_PERCENTAGE% is below the required threshold of ${{ inputs.coverage-threshold }}%"
exit 1
fi
echo "report-file=$COVERAGE_FILE.html" >> $GITHUB_OUTPUT
shell: bash
- name: Upload coverage report artifact
uses: actions/upload-artifact@v4
with:
name: coverage-report
path: ${{ steps.generate-report.outputs.report-file }}
- name: Deploy to GitHub Pages
uses: actions/deploy-pages@v3
env:
name: github-pages
token: ${{ inputs.token }}
- name: Comment coverage report link
if: ${{ github.event_name == 'pull_request' }}
uses: actions/github-script@v6
with:
github-token: ${{ github.token }}
script: |
const url = `${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/deployments/activity_log?environment=github-pages`;
const issueNumber = context.issue.number;
const repo = context.repo.repo;
const owner = context.repo.owner;
github.rest.issues.createComment({
issue_number: issueNumber,
owner: context.repo.owner,
repo: context.repo.repo,
body: `See the coverage report at: [Deployment Log](${url})`
});But I'm getting the error : - Although I have added permission: in my workflow file and using my PAT token for this still facing this error |
Beta Was this translation helpful? Give feedback.
Answered by
Sonichigo
May 17, 2024
Replies: 1 comment
-
|
So wworkflow sets permissions at the workflow-level and job-level. With permissions, there is no inheritance of scopes from level to level - so any scopes not configured at the relevant level are set to none. At the workflow-level, write for contents, pages, and id-token is set. But, at the job-level only Therefore I had to consolidate the two permissions scopes and set to a single level. |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
Sonichigo
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
So wworkflow sets permissions at the workflow-level and job-level. With permissions, there is no inheritance of scopes from level to level - so any scopes not configured at the relevant level are set to none.
At the workflow-level, write for contents, pages, and id-token is set. But, at the job-level only
contents: readandpull-requests: writeare set, so that is all thatGITHUB_TOKENgrants when passed to your action.Therefore I had to consolidate the two permissions scopes and set to a single level.