From 343cba33bb2b86d76338af6adefe50c27bfd76f9 Mon Sep 17 00:00:00 2001 From: "Mr. Z" Date: Thu, 5 Feb 2026 18:31:11 -0500 Subject: [PATCH] sync(ci): update tooling versions in workflows --- .github/.env.base | 6 +- .github/workflows/fortress-coverage.yml | 88 ++++++++++++++++++++++++- .github/workflows/fortress.yml | 2 +- 3 files changed, 90 insertions(+), 6 deletions(-) diff --git a/.github/.env.base b/.github/.env.base index 5d0eab0..98d07a8 100644 --- a/.github/.env.base +++ b/.github/.env.base @@ -39,7 +39,7 @@ GO_SECONDARY_VERSION=1.24.x # Govulncheck-specific Go version for vulnerability scanning # Uses newer Go version for accurate standard library vulnerability detection # Override this in .env.custom if needed for compatibility -GOVULNCHECK_GO_VERSION=1.25.6 +GOVULNCHECK_GO_VERSION=1.25.7 # ================================================================================================ # 📦 GO MODULE CONFIGURATION @@ -150,7 +150,7 @@ GO_COVERAGE_PROVIDER=internal CODECOV_TOKEN_REQUIRED=false # Go Coverage Tool Version -GO_COVERAGE_VERSION=v1.1.17 # https://github.com/mrz1836/go-coverage/releases +GO_COVERAGE_VERSION=v1.2.0 # https://github.com/mrz1836/go-coverage/releases GO_COVERAGE_USE_LOCAL=false # Use local version for development # Core Coverage Settings @@ -235,7 +235,7 @@ REDIS_CACHE_FORCE_PULL=false # Force pull Redis images even when cache # 🪄 MAGE-X CONFIGURATION # ================================================================================================ -MAGE_X_VERSION=v1.18.7 # https://github.com/mrz1836/mage-x/releases +MAGE_X_VERSION=v1.19.2 # https://github.com/mrz1836/mage-x/releases MAGE_X_USE_LOCAL=false # Use local version for development MAGE_X_CI_SKIP_STEP_SUMMARY=true # Skip duplicate test results in step summary (already in test validation summary) MAGE_X_AUTO_DISCOVER_BUILD_TAGS=true # Enable auto-discovery of build tags diff --git a/.github/workflows/fortress-coverage.yml b/.github/workflows/fortress-coverage.yml index a0dd365..f920ac8 100644 --- a/.github/workflows/fortress-coverage.yml +++ b/.github/workflows/fortress-coverage.yml @@ -696,6 +696,11 @@ jobs: --input "$COVERAGE_FILE" \ --output "$OUTPUT_DIR"; then echo "✅ Main coverage processing completed successfully" + + # Copy raw coverage file for main download + echo "📥 Copying coverage.out for main download..." + cp "$COVERAGE_FILE" "$OUTPUT_DIR/coverage.out" + echo "✅ coverage.out copied to main directory" else echo "❌ Main coverage processing failed" exit 1 @@ -791,6 +796,11 @@ jobs: --input "$COVERAGE_FILE" \ --output "$BRANCH_OUTPUT_DIR"; then echo "✅ Branch-specific coverage processing completed successfully" + + # Copy raw coverage file for branch download + echo "📥 Copying coverage.out for branch download..." + cp "$COVERAGE_FILE" "$BRANCH_OUTPUT_DIR/coverage.out" + echo "✅ coverage.out copied to branch directory" else echo "❌ Branch-specific coverage processing failed" exit 1 @@ -870,6 +880,78 @@ jobs: echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + # -------------------------------------------------------------------- + # Enforce Coverage Threshold + # Fails the build if coverage drops below GO_COVERAGE_THRESHOLD + # Exclusions are already applied during coverage generation + # -------------------------------------------------------------------- + - name: 🎯 Enforce Coverage Threshold + if: env.GO_COVERAGE_THRESHOLD != '' && env.GO_COVERAGE_THRESHOLD != '0' && env.GO_COVERAGE_THRESHOLD != '0.0' + run: | + echo "🎯 Enforcing coverage threshold..." + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + + THRESHOLD="${{ env.GO_COVERAGE_THRESHOLD }}" + echo "📊 Coverage threshold: ${THRESHOLD}%" + + # Find coverage file + REPO_ROOT="$(pwd)" + COVERAGE_FILE="" + COVERAGE_LOCATIONS=( + "$REPO_ROOT/coverage-artifacts/coverage-data/${{ inputs.coverage-file }}" + "$REPO_ROOT/coverage-artifacts/${{ inputs.coverage-file }}" + "$REPO_ROOT/${{ inputs.coverage-file }}" + ) + + for location in "${COVERAGE_LOCATIONS[@]}"; do + if [[ -f "$location" ]]; then + COVERAGE_FILE="$location" + break + fi + done + + if [[ -z "$COVERAGE_FILE" ]]; then + echo "⚠️ Coverage file not found for threshold check" + echo "🔍 Searched in:" + for location in "${COVERAGE_LOCATIONS[@]}"; do + echo " - $location" + done + echo "❌ Cannot enforce threshold without coverage data" + exit 1 + fi + + echo "📄 Coverage file: $COVERAGE_FILE" + echo "" + + # Use go-coverage parse to check threshold + # This command returns non-zero exit code if coverage is below threshold + echo "🔍 Checking coverage against threshold..." + if "$GO_COVERAGE_BINARY" parse \ + --file "$COVERAGE_FILE" \ + --threshold "$THRESHOLD"; then + echo "" + echo "✅ Coverage threshold check PASSED" + else + EXIT_CODE=$? + echo "" + echo "❌ Coverage threshold check FAILED" + echo "" + echo "🚨 BUILD FAILURE: Coverage is below the required threshold of ${THRESHOLD}%" + echo "" + echo "📝 To fix this:" + echo " 1. Add more tests to increase coverage" + echo " 2. Or adjust GO_COVERAGE_THRESHOLD in .env.base/.env.custom" + echo "" + echo "📊 Coverage exclusions (applied during test generation):" + echo " - GO_COVERAGE_EXCLUDE_PATHS: ${{ env.GO_COVERAGE_EXCLUDE_PATHS }}" + echo " - GO_COVERAGE_EXCLUDE_FILES: ${{ env.GO_COVERAGE_EXCLUDE_FILES }}" + echo " - GO_COVERAGE_EXCLUDE_TESTS: ${{ env.GO_COVERAGE_EXCLUDE_TESTS }}" + echo " - GO_COVERAGE_EXCLUDE_GENERATED: ${{ env.GO_COVERAGE_EXCLUDE_GENERATED }}" + exit $EXIT_CODE + fi + + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + - name: 📈 Record coverage history # Record history for all branches to enable trend tracking if: github.event_name == 'push' @@ -1143,6 +1225,7 @@ jobs: "coverage-flat.svg" "coverage-flat-square.svg" "coverage-for-the-badge.svg" + "coverage.out" ) # Selectively copy coverage files to avoid nested directory structures @@ -1198,6 +1281,7 @@ jobs: "coverage-flat-square.svg" "coverage-for-the-badge.svg" "coverage.html" + "coverage.out" "index.html" "dashboard.html" "coverage-data.json" @@ -1666,7 +1750,7 @@ jobs: echo "📋 Updating root coverage files for main branch (with filtering)..." # Define allowed root files explicitly - ALLOWED_ROOT_FILES=("index.html" "coverage.html" "coverage.svg" "coverage-flat.svg" "coverage-flat-square.svg" "coverage-for-the-badge.svg" ".nojekyll" "data" "assets") + ALLOWED_ROOT_FILES=("index.html" "coverage.html" "coverage.svg" "coverage-flat.svg" "coverage-flat-square.svg" "coverage-for-the-badge.svg" "coverage.out" ".nojekyll" "data" "assets") # Copy only allowed root files for file in "${ALLOWED_ROOT_FILES[@]}"; do @@ -1731,7 +1815,7 @@ jobs: rm -rf "$TEMP_STAGING"/* # Define allowed branch files - ALLOWED_BRANCH_FILES=("index.html" "coverage.html" "coverage.svg" "coverage-flat.svg" "coverage-flat-square.svg" "coverage-for-the-badge.svg" "data" "assets") + ALLOWED_BRANCH_FILES=("index.html" "coverage.html" "coverage.svg" "coverage-flat.svg" "coverage-flat-square.svg" "coverage-for-the-badge.svg" "coverage.out" "data" "assets") # Copy branch-specific files from deployment directory to staging first if [[ -d "$DEPLOY_DIR/coverage/branch/$BRANCH_NAME" ]]; then diff --git a/.github/workflows/fortress.yml b/.github/workflows/fortress.yml index 9224b86..7a6786d 100644 --- a/.github/workflows/fortress.yml +++ b/.github/workflows/fortress.yml @@ -18,7 +18,7 @@ # 🚀 Release Citadel: Automated deployments with GoReleaser and GoDocs # # Maintainer: @mrz1836 -# Repository: https://github.com/bsv-blockchain/go-safe-conversion +# Repository: https://github.com/mrz1836/go-fortress # # Copyright 2025 @mrz1836 # SPDX-License-Identifier: MIT