chore: [OMV-616] Adds coverage checks and updates Renovate config

[BenjaminNolan]

Summary by CodeRabbit

• Chores
  • Enhanced code quality with a new "Code Coverage" workflow on the 1.x.x branch. Includes automated testing and integration with SonarCloud for code analysis.

[coderabbitai]

Walkthrough

The recent update introduces a GitHub Actions workflow named "Code Coverage" that computes code coverage using Go tests, sends the results to SonarCloud, and merges Renovate PRs if tests pass. It includes steps for running tests, generating coverage reports, uploading artifacts, and triggering SonarCloud scans. The workflow is triggered on pushes to the 1.x.x branch, certain pull request events, and manual workflow dispatches.

Changes

File Path	Change Summary
.github/workflows/code_coverage.yml	Introduced "Code Coverage" workflow for Go test coverage, SonarCloud integration, and auto-merging Renovate PRs.

🐰✨
A hop, a skip, in the code we dive,
With tests and scans, our code thrives.
Through branches and PRs, we weave and stitch,
Ensuring our code, without a hitch.
In the garden of code, under the cloud's gaze,
Our coverage grows, in the sun's embrace.
🌱📊

---

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit-tests for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit tests for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit tests.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

CodeRabbit Discord Community

Join our Discord Community to get help, request features, and share feedback.

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between bec5501 and 0d124f4.

Files ignored due to path filters (1)

• renovate.json is excluded by: !**/*.json

Files selected for processing (1)

• .github/workflows/code_coverage.yml (1 hunks)

Additional comments: 7

.github/workflows/code_coverage.yml (7)

• 5-12: The workflow is configured to trigger on pushes to the 1.x.x branch, pull request events (opened, synchronize, reopened), and manual dispatches. This setup ensures that code coverage checks are consistently applied across the development lifecycle, aligning with the PR's objectives to maintain or improve codebase quality.
• 14-16: The use of concurrency with cancel-in-progress: true is a good practice. It prevents the accumulation of redundant runs if multiple commits are pushed in quick succession or if multiple PRs are opened or updated simultaneously. This helps in conserving CI/CD resources and ensures that only the latest changes are tested.
• 21-22: Running the workflow on a self-hosted runner (runs-on: self-hosted) and specifying a container (docker://golang:1.21.6) provides a controlled environment for the job. However, ensure that the self-hosted runner is secure, up-to-date, and dedicated to this project to avoid potential security risks or resource contention with other projects.
• 30-36: The steps to run tests and compute code coverage are well-defined. Using go clean -testcache ensures that tests are run fresh, and specifying GOEXPERIMENT=nocoverageredesign might be necessary for compatibility with certain Go versions or project-specific requirements. However, it's important to ensure that this experiment flag does not negatively impact the accuracy of coverage metrics or the stability of the test environment.
• 38-42: Uploading the coverage.html artifact is a useful step for making the coverage report accessible for review. This allows team members to easily review coverage changes without needing to run the coverage tool locally.
• 44-48: The use of SonarCloud for code quality analysis is a strong choice. However, ensure that the SONAR_TOKEN secret is securely managed and has the minimum required permissions. Additionally, verify that SonarCloud is correctly configured to handle the coverage reports and that the project's SonarCloud settings align with the team's code quality goals.
• 50-65: The merge-renovate-prs job is configured to auto-merge Renovate PRs if the coverage job succeeds and the PR is from Renovate. This automation can streamline dependency updates but ensure that the project's testing and review processes are robust enough to catch potential issues introduced by dependency updates. Additionally, verify that the GH_ACTION_MERGE_RENOVATE_TOKEN has the correct permissions for merging PRs and that its usage complies with the project's security policies.

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between bec5501 and a3f858f.

Files ignored due to path filters (1)

• renovate.json is excluded by: !**/*.json

Files selected for processing (1)

• .github/workflows/code_coverage.yml (1 hunks)

Files skipped from review as they are similar to previous changes (1)

• .github/workflows/code_coverage.yml

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between bec5501 and b4ce44f.

Files ignored due to path filters (1)

• renovate.json is excluded by: !**/*.json

Files selected for processing (1)

• .github/workflows/code_coverage.yml (1 hunks)

Files skipped from review as they are similar to previous changes (1)

• .github/workflows/code_coverage.yml