Enable TUnit test report artifact upload in GitHub Actions

[Copilot]

TUnit can automatically upload HTML test reports as workflow artifacts and link them in the step summary when running in GitHub Actions — but only if ACTIONS_RUNTIME_TOKEN is available to the shell process, which it isn't by default (it's only exposed inside JS/Docker action handlers).

Changes

• Added an "Expose GitHub Actions Runtime" step using actions/github-script@v7 immediately before the dotnet test step in both workflow files:
  • .github/workflows/PR-Build-And-Test.yml
  • .github/workflows/Build-Test-And-Deploy.yml

- name: Expose GitHub Actions Runtime
  uses: actions/github-script@v7
  with:
    script: |
      core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN']);
      core.exportVariable('ACTIONS_RESULTS_URL', process.env['ACTIONS_RESULTS_URL']);

- name: Run .NET Tests
  run: dotnet test ...

With this in place, TUnit will upload the test report as a workflow artifact and add a direct link to it in the step summary on each run.

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[Copilot]

Pull request overview

Enables TUnit’s GitHub Actions HTML test report artifact upload by exposing GitHub Actions runtime environment variables to the subsequent dotnet test shell step.

Changes:

• Add an “Expose GitHub Actions Runtime” step (via actions/github-script@v7) before dotnet test in the PR workflow.
• Add the same runtime-exposure step before dotnet test in the main build/test/deploy workflow.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
.github/workflows/PR-Build-And-Test.yml	Exports ACTIONS_RUNTIME_TOKEN / ACTIONS_RESULTS_URL into the job env prior to running tests so TUnit can upload reports.
.github/workflows/Build-Test-And-Deploy.yml	Exports the same runtime variables prior to running tests in the main pipeline to enable the same TUnit behavior.

[Copilot]

process.env['ACTIONS_RUNTIME_TOKEN'] may be undefined/empty on some events or runner contexts; exporting an empty value can make downstream tools think the runtime token is present but invalid. Consider guarding the export (only call core.exportVariable when the value is truthy) and calling core.setSecret(...) for the token before exporting to ensure it’s masked if any step logs environment variables.

Suggested change

	core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN']);
	core.exportVariable('ACTIONS_RESULTS_URL', process.env['ACTIONS_RESULTS_URL']);
	const runtimeToken = process.env['ACTIONS_RUNTIME_TOKEN'];
	if (runtimeToken) {
	core.setSecret(runtimeToken);
	core.exportVariable('ACTIONS_RUNTIME_TOKEN', runtimeToken);
	}
	const resultsUrl = process.env['ACTIONS_RESULTS_URL'];
	if (resultsUrl) {
	core.exportVariable('ACTIONS_RESULTS_URL', resultsUrl);
	}

[Copilot]

Exporting ACTIONS_RUNTIME_TOKEN into the shell environment makes it accessible to any code executed during dotnet test (including test code from PRs), which increases the blast radius if someone prints/exfiltrates env vars. If this workflow runs on fork PRs, consider restricting this step to trusted contexts (e.g., only when github.event.pull_request.head.repo.full_name == github.repository) or otherwise documenting/accepting the risk explicitly.

[Copilot]

process.env['ACTIONS_RUNTIME_TOKEN'] can be undefined/empty depending on runner/event context; exporting an empty value can lead downstream tooling to treat the runtime as available but fail later. Consider guarding the export (only export when the value is truthy) and calling core.setSecret(...) for the token before exporting so it’s masked if anything logs environment variables.

Suggested change

	core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN']);
	core.exportVariable('ACTIONS_RESULTS_URL', process.env['ACTIONS_RESULTS_URL']);
	const runtimeToken = process.env['ACTIONS_RUNTIME_TOKEN'];
	if (runtimeToken) {
	core.setSecret(runtimeToken);
	core.exportVariable('ACTIONS_RUNTIME_TOKEN', runtimeToken);
	}
	const resultsUrl = process.env['ACTIONS_RESULTS_URL'];
	if (resultsUrl) {
	core.exportVariable('ACTIONS_RESULTS_URL', resultsUrl);
	}