Skip to content

ci: improve CI workflows with test results and simplified triggers#7

Merged
aquemy merged 1 commit intomainfrom
ci/improve-ci-workflows
Dec 26, 2025
Merged

ci: improve CI workflows with test results and simplified triggers#7
aquemy merged 1 commit intomainfrom
ci/improve-ci-workflows

Conversation

@aquemy
Copy link
Copy Markdown
Member

@aquemy aquemy commented Dec 26, 2025

Summary

Improves CI workflows by adding Codecov test results tracking and simplifying the PR validation workflow.

Changes

1. Add Codecov Test Results Upload

  • Generates JUnit XML test results (--junitxml=pytest.xml)
  • Uploads to Codecov using codecov/test-results-action@v1
  • Provides test tracking, flaky test detection, and performance metrics
  • Runs even on cancelled workflows for better debugging

2. Simplify PR Workflow Triggers

  • Removed push: trigger (no more runs on renovate branches)
  • Removed pull_request_target: trigger (security improvement)
  • Removed redundant if: conditions from jobs
  • Improved security: PR title validation now runs with read-only permissions on pull_request

3. Update Dependencies

  • Updated uv.lock for Python 3.13+ requirement
  • Removed typing-extensions dependency for older Python versions

Security Analysis

More secure: Eliminated pull_request_target which has write permissions
No command injection risk: PR title validation uses pinned action with no shell execution
Principle of least privilege: Jobs only have pull-requests: read permission

Testing

  • PR title validation works correctly
  • All three jobs run: check-pr-title, validate, validate-docs
  • Codecov receives test results successfully
  • No jobs run on direct pushes to branches

Type of Change

  • CI/CD improvements
  • Security enhancement
  • Dependency update

@aquemy
ci: improve CI workflows with test results and simplified triggers
4b49343 
- Add Codecov test results upload to both test.yaml and pull_request.yaml
- Add --junitxml=pytest.xml flag to generate JUnit XML for test results
- Restore check-pr-title job in pull_request workflow
- Add types specification (opened, edited, synchronize) to pull_request trigger
- Remove push trigger for renovate/** branches (use pull_request only)
- Remove redundant shell: bash specifications
@aquemy aquemy force-pushed the ci/improve-ci-workflows branch from 412450b to 4b49343 Compare December 26, 2025 11:16
@codecov
Copy link
Copy Markdown

codecov bot commented Dec 26, 2025

⚠️ JUnit XML file not found

The CLI was unable to find any JUnit XML files to upload.
For more help, visit our troubleshooting guide.

@aquemy aquemy merged commit f12067e into main Dec 26, 2025
2 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@aquemy