// Audit a GitHub/GitLab organization's repositories for code coverage status. Generates CSV spreadsheet showing which repos have tests, Codecov integration, and what's missing. Use when user asks to audit an org, create a coverage spreadsheet, or assess coverage gaps across repositories.
Generate and create Jira tasks for code coverage onboarding from an audit CSV. Two-phase workflow — dry-run generates task files locally for review, then create-tasks pushes them to Jira under a target epic. Use when user wants to create Jira tasks from an audit spreadsheet, convert coverage audit results into actionable work items, or batch-create Jira issues for coverage gaps across an org. Also use when user mentions "jira tasks from audit", "coverage onboarding tasks", "create tasks for repos without coverage", or wants to track coverage work in Jira.
Integrate coverport into repositories to enable e2e test coverage collection and upload to Codecov. Supports Go, Python, and Node.js applications with Tekton/Konflux pipelines and GitHub Actions (using coverport CLI container via podman). Use this skill when users ask to integrate coverport, add e2e coverage tracking, or set up coverage instrumentation.
Onboard repositories to Codecov for unit test coverage tracking. Use this skill when users want to add Codecov integration, configure coverage uploads with flags, or set up CI pipelines to report coverage. Works with GitHub Actions, OpenShift CI (Prow), and GitLab CI. Supports public Codecov (app.codecov.io) and self-hosted Codecov instances.
Generate code coverage for C/C++ projects using gcov and lcov, and upload to Codecov. Use this skill when users need to add coverage to C or C++ projects, set up lcov pipelines, or troubleshoot gcov/lcov issues. Covers autotools, CMake, and Meson build systems.
| name | coverage-audit |
| description | Audit a GitHub/GitLab organization's repositories for code coverage status. Generates CSV spreadsheet showing which repos have tests, Codecov integration, and what's missing. Use when user asks to audit an org, create a coverage spreadsheet, or assess coverage gaps across repositories. |
Scan GitHub/GitLab org → produce CSV with coverage status per repo.
The user should NOT write or run scripts manually. YOU (the AI agent) write the audit script, execute it, and present results. The user only provides input (org name, scope) and reviews output.
Never assume. Always confirm. If you are unsure about anything — org name spelling, scope (public vs private), platform (GitHub vs GitLab) — stop and ask the user before proceeding.
Rules:
repo scope (private repos) or public_repo (public only)read:org scopeGITHUB_TOKEN if needed:
export GITHUB_TOKEN=$(gh auth token)
gh CLI, walk them through creating a token at
https://github.com/settings/tokenshttps://<host>/api/v3/ as the API base instead of https://api.github.com/read_api scopeGITLAB_TOKEN:
export GITLAB_TOKEN=glpat-xxxxxxxxxxxxxxxxxxxxx
https://gitlab.com/-/user_settings/personal_access_tokens
(or equivalent for self-hosted GitLab)https://<host>/api/v4/ as the API baseAsk user:
ansible, konflux-ci), or GitLab group path (e.g., gitlab-org/ci-cd)If platform is GitHub Enterprise or self-hosted GitLab, also ask for the instance URL.
Create a Python script that:
Fetches all repos via platform API with pagination
GET /orgs/{org}/repos?per_page=100&page=N — follow Link header or increment page until empty responseGET /groups/{group}/projects?per_page=100&page=N&include_subgroups=true — follow X-Next-Page headerDetect default branch per repo — use default_branch field from API response (do NOT hardcode main or master)
For each repo, collects:
codecov references, check for codecov.ymlAPI efficiency: Fetch the recursive tree ONCE per repo. Extract workflow paths, test file paths, CI indicators, and language hints all from the same tree response. Cache workflow file contents when fetched for test detection and reuse for Codecov detection — do NOT fetch the same file twice.
Language inference: When GitHub API returns null for language, infer from file extensions in the tree (e.g., *.go → Go, *.py → Python, *.ts → TypeScript). Use the most common extension. This prevents repos with code from being misclassified as no-language.
Writes CSV sorted by repo name
Saves progress to <org>-audit-progress.json every 10 repos (enables resume on interruption)
Classify each repo into one of (check in this order — first match wins):
archived — archived/deprecated (check BEFORE fork — archived forks are just archived)fork — fork of upstream projectdocumentation — docs-only repos (reStructuredText, HTML, MDX, no app code). Language = MDX, HTML, CSS, or reStructuredText triggers thissample/test — example, sample, demo, or test repos. Match "sample", "demo", "example", "quickstart", "test" ANYWHERE in name (not just prefix), but exclude repos with substantial source codeci-tooling — reusable CI actions/workflows. Detect by: action.yml or action.yaml at repo root, or name contains "actions" and repo has no application source codeconfiguration — config-only repos (renovate config, shared settings). Detect by: name contains "config", "renovate-config", "settings", AND repo has no programming language or only YAML/JSONcontainer-image — Dockerfile-only, no application logicinfrastructure — deployment manifests, Helm charts, GitOps configcatalog — pipeline/task catalogs (Tekton, CI definitions)application — has source code, potential for tests (default/fallback)Check in this order:
GitHub repos:
.github/workflows/*.yml for test commands:
go test, pytest, npm test, make test, tox, coverage run, jest, vitest, unittest, noxtests/, test/, tests/unit/, tests/e2e/, integration-tests/package.json scripts for JS/TS, *_test.go for GoGitLab repos:
.gitlab-ci.yml for test stages/jobs:
Look for stage names containing test, job scripts containing go test, pytest, npm test, make test, tox, coverage runinclude: directives — note if .gitlab-ci.yml uses include: (may pull test jobs from templates — mark as likely if includes exist but no explicit test commands found)Values: yes, likely, unknown, n/a (for skipped categories)
From CI config — scan workflow files for:
codecov/codecov-action or codecov CLI usageuse_oidc: true vs CODECOV_TOKENflags: configurationcodecov.yml or .codecov.yml config fileFrom Codecov API (optional, if user has Codecov access):
GET https://app.codecov.io/api/v2/github/{owner}/repos/{repo}/ — check if repo exists on CodecovGET https://app.codecov.io/api/v2/github/{owner}/repos/{repo}/commits/ — check for recent coverage uploadsCODECOV_TOKEN (API token from codecov.io account settings)Last Coverage Upload and Coverage % columnsFor GitLab: check .gitlab-ci.yml for coverage: keyword regex, artifacts: reports: coverage_report: and codecov uploader usage.
Values: yes, config-only, no, n/a
For archived, fork, documentation, container-image, sample/test, ci-tooling, configuration categories — skip workflow/test analysis, set fields to n/a.
GitHub:
api.github.com/rate_limit before and aftertime.sleep(0.15-0.3) between API callsX-RateLimit-Remaining: 0, calculate wait from X-RateLimit-Reset and ask userGitLab:
RateLimit-Remaining response headerRetry-After header on 429Retry logic:
Progress & Resume:
<org>-audit-progress.json every 10 repos[42/301] Scanning repo-name... to show advancementColumns (in order):
Repository, Onboard, URL, Language, Stars, Fork, Archived, Category, Description,
Has Unit Tests, Has E2E Tests, Has Codecov, CI System, Codecov Details,
Test Details, Contributor 1, Contributor 2, Contributor 3
File name: <org>-audit.csv
The last column Onboard is a pre-selection flag for the coverage-jira-tasks skill.
Set it to TRUE for repos the audit thinks are worth onboarding to Codecov, FALSE otherwise.
Selection logic — set TRUE when ALL of these hold:
applicationyes or likely) OR has Codecov already (yes or config-only)This gives the user a pre-filtered list they can review in Google Sheets
(checkboxes render as clickable toggles). The coverage-jira-tasks skill
reads this column to know which repos to create tasks for — no manual
repo selection needed.
Important: This is a suggestion, not a decision. The user curates the checkboxes in the spreadsheet before downloading as CSV.
After writing CSV, verify it by reading first 5 rows with Python's csv module:
python3 -c "import csv; r=csv.DictReader(open('org-audit.csv')); [print(dict(row)) for row in list(r)[:5]]"
Do NOT use column -s',' -t — it breaks on quoted fields containing commas (e.g., "GitHub Actions, Tekton, Make").
Also sanitize description fields before writing: strip newlines, replace commas in descriptions with semicolons, and truncate to 200 chars.
After CSV generation, print:
Total repos: N
Application repos: N
Forks: N
Archived: N
Has unit tests: N
Has Codecov: N
Gap (tests, no Codecov): N
The gap number = repos with tests but no Codecov. This is the primary onboarding opportunity.
Filter these from contributor lists:
dependabot[bot], dependabot-preview[bot], github-actions[bot],
renovate[bot], mergify[bot], codecov[bot], pre-commit-ci[bot],
snyk-bot, mend-bolt-for-github[bot], ansibullbot, ansibot,
patchback[bot], and any login ending in [bot].
User: "Audit the ansible GitHub org for coverage status"
Result: ansible-audit.csv with 301 rows + summary showing 74 repos with tests, 16 with Codecov, 58 gaps.