Motivation: code coverage reports were incomplete. This lays a better
base for consistent reporting via GitHub Actions, with room for follow-ups.
It also removes a test flake source in Kafka jobs.
Impact: CI/tests only; no runtime behavior or ABI changes expected.
Before: Coverage uploads were inconsistent; Kafka tests could hang while
reading from /dev/urandom to generate topic names.
After: Coverage is collected with lcov and uploaded via a dedicated GH
Action; Kafka topics use fast $RANDOM-based hex, avoiding early-boot
entropy stalls.
Technical details:
- Add two workflows: "codecov base" and "codecov kafka" on Ubuntu 24.04.
Use lcov capture with unexecuted blocks and prune common noise; upload
with token for same-repo PRs and tokenless for forks.
- Update .codecov.yml: add path fixes for container (/rsyslog) and
runner layouts; explicitly set comment: false and patch: false.
- Bump actions/checkout to v4 in existing workflows; add an actionlint
job to catch YAML problems early.
- Switch codecov jobs in container matrix to 24.04 images.
- Improve run-ci.sh lcov invocation to be more tolerant of line/macro
mismatches.
- Testbench: replace /dev/urandom topic generation with 8-char hex from
$RANDOM; adjust diag.sh path/quoting for zookeeper helper.
Coverage varies a bit more due to known flakiness, so no point
in unnecessarily flagging PRs as bad. Same issue with per-PR
coverage, which doesn't make much sense with current state.
These suppressions are always used, as they can never be caused by
actual program code. So it doesn't hurt to always use them.
Also add some support for CodeCov tool.
