v10.1.1/ci fix

[gimlichael]

This pull request enhances the CI pipeline diagnostics and verbosity for .NET builds and test jobs, with a particular focus on improving troubleshooting for Linux test executables. The main changes increase the level of logging and add comprehensive diagnostic steps to help debug issues related to test binary execution, especially around permissions and environment context.

CI pipeline diagnostics and verbosity improvements:

• Increased the verbosity level to diagnostic for both the build and test jobs, providing more detailed logs during CI runs. [1] [2]

• Replaced the simple Linux test apphost permissions fix step with an extensive diagnostic script. This script now:

  • Sets strict shell options for safety and debugging.
  • Prints detailed context about the runner, environment, .NET info, and git state.
  • Applies executable permissions (chmod a+x) to both bin and obj directories for the relevant configuration.
  • Checks for noexec mount options that could prevent execution.
  • Lists candidate executables and likely test hosts with detailed metadata.
  • Performs deep diagnostics on up to 50 likely test binaries, including file type, architecture, dynamic linker info, dependencies, and shebang line issues.
  • Outputs all findings to aid in diagnosing "permission denied" or "exec format error" problems.…unitv3 (again)

Summary by CodeRabbit

Release Notes

This release contains no user-facing changes. Updates were made exclusively to internal CI/CD infrastructure and testing diagnostics to improve development workflow efficiency.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

A GitHub Actions workflow configuration was modified to add diagnostic verbosity to Linux and Windows test steps. A concise permission-fix command was expanded into a comprehensive diagnostic block that outputs system information, environment context, and performs detailed executable analysis.

Changes

Cohort / File(s)

Summary

CI Workflow Diagnostics \\.github/workflows/ci-pipeline.yml

Added verbosity-level: diagnostic to Linux and WindowsDotnet test runs. Replaced single-line apphost permission fix with extensive debugging block including shell strictness settings, environment reporting (OS, architecture, workspace), .NET and Git state inspection, executable discovery via glob patterns, permission fixes, mount diagnostics, and deep inspection of candidate binaries (file types, ELF details, dependencies, shebangs).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Workflow configuration file change with added diagnostic steps and logging commands
• Minimal logic complexity; changes are primarily command additions and reorganization
• Verify diagnostic commands execute safely in CI environment and don't introduce unintended side effects
• Ensure glob patterns correctly identify target executables and permission fixes apply appropriately

Poem

🐰 A pipeline's secrets are now laid bare,
With diagnostics blooming everywhere,
Bins and objects pass the testing glare,
Shebangs and ELF files floating in the air—
Debugging's dance, with logs beyond compare! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title is vague and uses non-descriptive terms like 'ci fix' without conveying what the actual CI changes accomplish.	Use a more descriptive title such as 'Add comprehensive CI diagnostics for Linux test executable issues' to clarify the main purpose of this change.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch v10.1.1/ci-fix

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6ab56d2 and e72b597.

📒 Files selected for processing (1)

• .github/workflows/ci-pipeline.yml (3 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Agent
• GitHub Check: call-build (Debug) / 🛠️ Build
• GitHub Check: call-build (Release) / 🛠️ Build
• GitHub Check: Analyze (csharp)

🔇 Additional comments (2)

.github/workflows/ci-pipeline.yml (2)

65-82: Confirm verbosity-level is a supported input for codebeltnet/jobs-dotnet-test@v3 (otherwise it’ll be ignored or fail).

If that reusable workflow doesn’t define verbosity-level, this change won’t do what you expect (or could break the workflow).

---

83-100: Same concern on Windows: verify verbosity-level is supported and maps to dotnet test -v diag.

Also consider whether diagnostic is too noisy for PR runs (log size / retention), but that’s a policy choice.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

# Let me verify the exact lines using the matrix and inputs context
sed -n '9,50p' .github/workflows/ci-pipeline.yml | cat -n

Repository: codebeltnet/cuemon

Length of output: 1418

---

🏁 Script executed:

# Verify the exact usage of configuration variable in the diagnostic step
sed -n '136,224p' .github/workflows/ci-pipeline.yml | grep -n "configuration\|ldd"

Repository: codebeltnet/cuemon

Length of output: 343

---

🏁 Script executed:

# Find the job definition that contains the diagnostic step
sed -n '100,300p' .github/workflows/ci-pipeline.yml | head -n 200

Repository: codebeltnet/cuemon

Length of output: 6397

---

🏁 Script executed:

# Search for the test job and its matrix
grep -n "test:" .github/workflows/ci-pipeline.yml

Repository: codebeltnet/cuemon

Length of output: 104

---

🏁 Script executed:

# Get the full structure around lines 100-250 to see job definitions
sed -n '80,250p' .github/workflows/ci-pipeline.yml | cat -n

Repository: codebeltnet/cuemon

Length of output: 7281

---

Use matrix.configuration instead of undefined inputs.configuration in the diagnostic step. The integration_test job defines and uses matrix.configuration throughout (download artifacts, test execution), but this diagnostic step incorrectly references ${{ inputs.configuration }}, which is undefined in this context, causing the chmod and find globs to fail.

-          echo "Configuration: ${{ inputs.configuration }}"
+          echo "Configuration: ${{ matrix.configuration }}"
...
-          BIN_GLOB="*/bin/${{ inputs.configuration }}/net*/*"
-          OBJ_GLOB="*/obj/${{ inputs.configuration }}/net*/*"
+          BIN_GLOB="*/bin/${{ matrix.configuration }}/net*/*"
+          OBJ_GLOB="*/obj/${{ matrix.configuration }}/net*/*"

Replace ldd with non-executing ELF inspection tools. The ldd command executes code from binaries to resolve dependencies, which is unnecessary in a CI environment and presents an avoidable security risk. Use readelf -d and objdump -p instead to inspect NEEDED sections without execution.

-              echo "ldd (dependencies):"
-              ldd "$f" 2>/dev/null || true
+              echo "readelf -d (NEEDED):"
+              readelf -d "$f" 2>/dev/null | sed -n '1,120p' || true
+              echo "objdump -p (NEEDED):"
+              objdump -p "$f" 2>/dev/null | sed -n '1,120p' || true

🤖 Prompt for AI Agents

.github/workflows/ci-pipeline.yml around lines 136 to 224: the diagnostic step
incorrectly references the undefined inputs.configuration and calls ldd (which
executes code); update all occurrences of ${{ inputs.configuration }} to ${{
matrix.configuration }} (including BIN_GLOB and OBJ_GLOB) so the find/chmod
globs work, and remove the ldd "$f" call — replace it with non-executing
inspection commands such as readelf -d "$f" and objdump -p "$f" (run both
conditionally for ELF files) to show NEEDED/DT entries without executing the
binary.

[Copilot]

Pull request overview

This pull request enhances CI pipeline diagnostics by increasing logging verbosity and adding comprehensive diagnostic capabilities for Linux test executable issues. The changes aim to help troubleshoot "permission denied" and "exec format error" problems when running xUnit v3 tests on Linux.

Key changes:

• Added verbosity-level: diagnostic to both Linux and Windows test jobs for more detailed build/test output
• Replaced a simple permission-fix script with an extensive diagnostic shell script that examines runner context, .NET environment, file permissions, mount options, and binary characteristics

[Copilot]

The process substitution syntax done < <(find ...) on line 215 is a bash-specific feature. While the script explicitly sets shell: bash on line 224, it's good that this is specified. However, the set -euo pipefail on line 138 combined with the || true on line 221 means that if the process substitution or the while loop fails, it will be silently ignored. Consider whether you want to catch failures in the diagnostic loop itself, or if silent failure is acceptable for this diagnostic-only step.

Suggested change

	) || true
	)

[Copilot]

The script references inputs.configuration but this job uses matrix.configuration instead. The integration_test job doesn't have access to inputs.configuration (which is only available in workflow_dispatch events), so this will evaluate to an empty string, causing the script to search for paths like */bin//net*/* which won't match the intended directories. This should be changed to matrix.configuration to match the job's configuration matrix.

Suggested change

	echo "Configuration: ${{ inputs.configuration }}"
	echo "Configuration: ${{ matrix.configuration }}"

[Copilot]

The BIN_GLOB and OBJ_GLOB variables reference inputs.configuration which is not available in this job context. The integration_test job uses matrix.configuration instead. These paths will resolve incorrectly (e.g., */bin//net*/*), causing the find commands and chmod operations throughout the script to fail to locate the actual test binaries. Change both occurrences to matrix.configuration.

Suggested change

	BIN_GLOB="*/bin/${{ inputs.configuration }}/net*/*"
	OBJ_GLOB="*/obj/${{ inputs.configuration }}/net*/*"
	BIN_GLOB="*/bin/${{ matrix.configuration }}/net*/*"
	OBJ_GLOB="*/obj/${{ matrix.configuration }}/net*/*"

[Copilot]

Applying executable permissions to ALL files in bin and obj directories (chmod a+x on every file) is overly broad and could pose a security risk. Many files in these directories (like .dll, .pdb, .json, .xml, configuration files) should never be executable. This could inadvertently make data files or configuration files executable. Consider being more selective by only applying executable permissions to specific patterns that are actually test host executables (e.g., files named testhost, testhost.exe, files matching the test project names without extensions, or using file type detection first).

Suggested change

	echo "=== Brute-force chmod (bin + obj) ==="
	find . -type f \( -path "$BIN_GLOB" -o -path "$OBJ_GLOB" \) -exec chmod a+x {} + 2>/dev/null || true
	echo "=== Selective chmod (testhost executables in bin + obj) ==="
	find . \( -path "$BIN_GLOB" -o -path "$OBJ_GLOB" \) -type f \( -name "testhost" -o -name "testhost.exe" \) -exec chmod a+x {} + 2>/dev/null || true

[Copilot]

The diagnostic script processes up to 50 test binaries with extensive checks (file, readelf, ldd commands) which could significantly increase CI run time, especially with many test projects. While this is valuable for debugging, consider adding a condition to only run this extensive diagnostic when tests are actually failing, or make it configurable via an input parameter. This would reduce noise and CI time in successful runs while still providing diagnostics when needed.

[Copilot]

The find command uses -printf which is a GNU findutils extension. While Ubuntu runners should support this, the use of GNU-specific options could cause portability issues if the script is ever adapted for other platforms. The same applies to sed -n '1,200p' which could be replaced with head -n 200. Consider documenting this GNU dependency or using more portable alternatives like find ... -ls or find ... | xargs ls -la for broader compatibility.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.37%. Comparing base (61b5ed7) to head (e72b597).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #138   +/-   ##
=======================================
  Coverage   80.37%   80.37%           
=======================================
  Files         595      595           
  Lines       18485    18485           
  Branches     1895     1895           
=======================================
  Hits        14857    14857           
  Misses       3562     3562           
  Partials       66       66           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.