Skip to content

Add coverage CI job#697

Open
Jakuje wants to merge 2 commits intoopenssl-projects:mainfrom
Jakuje:coverage
Open

Add coverage CI job#697
Jakuje wants to merge 2 commits intoopenssl-projects:mainfrom
Jakuje:coverage

Conversation

@Jakuje
Copy link
Contributor

@Jakuje Jakuje commented Feb 26, 2026

Description

There is no such nice report like we have in gitlab, but this at least allows running make coverage to get HTML reports to see where we have untested code.

Local run shows to me ok-ish results:

Overall coverage rate:
  lines......: 64.8% (9971 of 15394 lines)
  functions......: 80.3% (771 of 960 functions)
  branches......: 38.3% (4780 of 12476 branches)

and drop leftovers of p11-kit-client.

Checklist

  • Code modified for feature
  • Test suite updated with functionality tests
  • Test suite updated with negative tests
  • Documentation updated

Reviewer's checklist:

  • Any issues marked for closing are addressed
  • There is a test suite reasonably covering new functionality or modifications
  • This feature/change has adequate documentation added
  • Code conform to coding style that today cannot yet be enforced via the check style test
  • Commits have short titles and sensible commit messages
  • Coverity Scan has run if needed (code PR) and no new defects were found

@Jakuje Jakuje force-pushed the coverage branch 2 times, most recently from 3114518 to 53bb7a7 Compare February 26, 2026 18:09
@Jakuje
Copy link
Contributor Author

Jakuje commented Feb 26, 2026

Report looks reasonable:

https://github.com/latchset/pkcs11-provider/actions/runs/22454953774/job/65033510484?pr=697

Would be great to have HTMLs published somehow, but that might be done separately. We can also put there some automation and differential run to make sure we are not regressing in the coverage.

@simo5
Copy link
Collaborator

simo5 commented Feb 26, 2026

Unfortunately there does not seem to be any easy way to expose generate files from builds in github :/ But you can archive them as build artifacts that can be downloaded as a tar.gz and displayed in a browser

simo5
simo5 previously approved these changes Feb 26, 2026
View reviewed changes
Copy link
Collaborator

@simo5 simo5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@simo5
Copy link
Collaborator

simo5 commented Feb 26, 2026

@Jakuje do you want to add support for uploading the coverage THML file as a tar.gz artifact in the actions cache?
If not feel free to merge as is for now.

@Jakuje
Copy link
Contributor Author

Jakuje commented Feb 27, 2026

Probably not. I mostly wanted to be able to get this to see where we have dead code and what might need some attention (and have makefile target to be able to run it locally). Given that github does not have a good representation, I think its easier to run it locally than downloading tarballs, but if you prefer, I can add that too.

One though I had would be differential scan to fail if the coverage goes down, but it would need two runs and some regexes. We can also include the tlsfuzzer as I think it has large coverage of odd mechanisms too. That should be quite easy (while slower).

@Jakuje
Copy link
Contributor Author

Jakuje commented Feb 27, 2026

I actually did the upload and enabled the tlsfuzzer tests now.

@Jakuje Jakuje force-pushed the coverage branch 2 times, most recently from 87e4cf3 to dd5aca9 Compare February 27, 2026 11:47
@simo5
Copy link
Collaborator

simo5 commented Mar 12, 2026

@Jakuje can you rebase this one?

simo5
simo5 approved these changes Mar 12, 2026
View reviewed changes
Copy link
Collaborator

@simo5 simo5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Jakuje added 2 commits March 13, 2026 09:49
@Jakuje
tests: Remove needless p11-kit-client
c83d073 
This was used to run softhsm in separate process, when openssl exit handlers
crashed during exit. Now it was unused for some time.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
@Jakuje
ci: Add coverage reports to ci and Makefile
bd73864 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
@Jakuje
Copy link
Contributor Author

Jakuje commented Mar 13, 2026

Rebased

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simo5 simo5 simo5 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Jakuje @simo5