Try different approach.

adamghill · adamghill · commit 8688be1f81fa · 2024-07-28T17:36:19.000-04:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,42 @@
+ame: CI
+
+on:
+  pull_request:
+  push:
+    branches:
+      - "main"
+
+jobs:
+  test:
+    name: Run tests & display coverage
+    runs-on: ubuntu-latest
+    permissions:
+      # Gives the action the necessary permissions for publishing new
+      # comments in pull requests.
+      pull-requests: write
+      # Gives the action the necessary permissions for pushing data to the
+      # python-coverage-comment-action branch, and for editing existing
+      # comments (to avoid publishing multiple comments in the same PR)
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install everything, run the tests, produce the .coverage file
+        run: |
+          run coverage run -m pytest
+          run coverage xml
+
+      - name: Coverage comment
+        id: coverage_comment
+        uses: py-cov-action/python-coverage-comment-action@v3
+        with:
+          GITHUB_TOKEN: ${{ github.token }}
+
+      - name: Store Pull Request comment to be posted
+        uses: actions/upload-artifact@v4
+        if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true'
+        with:
+          # If you use a different name, update COMMENT_ARTIFACT_NAME accordingly
+          name: python-coverage-comment-action
+          # If you use a different name, update COMMENT_FILENAME accordingly
+          path: python-coverage-comment-action.txt
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
@@ -1,53 +1,35 @@
-name: Coverage
+name: Post coverage comment
 
 on:
-  push:
-    branches:
-      - main
-  workflow_dispatch:
-
-env:
-  PYTHON_VERSION: 3.11
+  workflow_run:
+    workflows: ["CI"]
+    types:
+      - completed
 
 jobs:
-  generate-coverage:
+  test:
+    name: Run tests & display coverage
     runs-on: ubuntu-latest
-
+    if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
+    permissions:
+      # Gives the action the necessary permissions for publishing new
+      # comments in pull requests.
+      pull-requests: write
+      # Gives the action the necessary permissions for editing existing
+      # comments (to avoid publishing multiple comments in the same PR)
+      contents: write
+      # Gives the action the necessary permissions for looking up the
+      # workflow that launched this workflow, and download the related
+      # artifact that contains the comment to be published
+      actions: read
     steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 1
-
-      - name: Install Poetry
-        run: |
-          pipx install poetry
-          poetry config virtualenvs.path ~/.virtualenvs${{ env.PYTHON_VERSION }}
-
-      - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@v3
+      # DO NOT run actions/checkout here, for security reasons
+      # For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+      - name: Post comment
+        uses: py-cov-action/python-coverage-comment-action@v3
         with:
-          python-version: ${{ env.PYTHON_VERSION }}
-          cache: "poetry"
-
-      - name: Install dependencies
-        run: poetry install -E minify
-
-      - name: Generate coverage badge
-        run: |
-          chmod +x generate_badge.sh
-          ./generate_badge.sh
-
-      - name: Commit and push coverage badge
-        continue-on-error: true
-        env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          git config --global user.name "github-actions[bot]"
-          git config --global user.email "github-actions[bot]@users.noreply.github.com"
-          git config pull.rebase true
-          git checkout -b py-code-coverage || git checkout py-code-coverage
-          git pull origin py-code-coverage
-          git add .
-          git commit --verbose -m "Update coverage badge"
-          git rebase --strategy-option=ours py-code-coverage --verbose
-          git push --verbose origin py-code-coverage
+          GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }}
+          # Update those if you changed the default values:
+          # COMMENT_ARTIFACT_NAME: python-coverage-comment-action
+          # COMMENT_FILENAME: python-coverage-comment-action.txt
