Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(ci): update codecov-action to v5 #114

Merged
merged 3 commits into from
Dec 31, 2024
Merged

fix(ci): update codecov-action to v5 #114

merged 3 commits into from
Dec 31, 2024

Conversation

agilgur5
Copy link
Owner

@agilgur5 agilgur5 commented Dec 31, 2024
edited
Loading

Summary

Per #112 (comment) and https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token, it seems a newer version of the action is required now for tokenless uploads due to GH rate limiting etc

Details

  • codecov-action from v2 to v5

Notes to Reviewers

@agilgur5 agilgur5 added the kind: internal Changes only affect the internals and not the API or usage label Dec 31, 2024
@agilgur5
Copy link
Owner Author

Drilling into the coverage action's logs:

error - 2024-12-31 20:33:40,005 -- Upload failed: {"message":"Token required because branch is protected"}

@agilgur5
Copy link
Owner Author

https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token

Ok according to https://docs.codecov.com/docs/codecov-tokens#tokenless-on-unprotected-branches, a "protected" branch is any "unprefixed" branch (has a name without a colon :), which would include both main and this branch, fix-ci-codecov. Prefixes are auto-added for PRs from forks.
I could make a new PR from a different branch (as I can't rename the branch without closing the PR) with a prefix which should work, but I also need uploads from main to work so that its coverage is tracked, so that doesn't fix the problem per se 😕
I guess I need to add a token, which is not ideal from a security perspective (leakage, theft, etc)

@codecov Codecov
Copy link

codecov bot commented Dec 31, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (cb09cf7) to head (cf55fc4).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##              main      #114   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            1         1           
  Lines           75        75           
  Branches         9         9           
=========================================
  Hits            75        75

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@agilgur5
remove token and change Codecov settings
cf55fc4 
apparently according to https://docs.codecov.com/docs/codecov-tokens#enabling-tokenless-uploads-for-public-repositories, there is a setting to enable this, however the setting itself does not say "public repos only" confusingly....
@agilgur5
Copy link
Owner Author

but I also need uploads from main to work so that its coverage is tracked, so that doesn't fix the problem per se 😕
I guess I need to add a token, which is not ideal from a security perspective (leakage, theft, etc)

one more correction, apparently it can work without tokens if you change a setting in Codecov. It's default on in newer Codecov orgs but off for older ones (mine's quite old). Confusingly though, this exact settings screen doesn't specifically say the setting only impacts "public repositories only" unlike the docs page 😕 :
token settings - Screenshot 2024-12-31 at 3 52 45 PM

I did get it working with and without a token now though per the above comment from the Codecov bot and the passing GH check now.

@agilgur5 agilgur5 changed the title fix(ci): get Codecov checks working fix(ci): update codecov-action to v5 Dec 31, 2024
@agilgur5 agilgur5 added the scope: dependencies Pull requests that update a dependency file label Dec 31, 2024
@agilgur5 agilgur5 mentioned this pull request Dec 31, 2024
Merged
agilgur5
agilgur5 commented Dec 31, 2024
View reviewed changes
Copy link
Owner Author

@agilgur5 agilgur5 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Codecov is working now

@agilgur5 agilgur5 merged commit 599f371 into main Dec 31, 2024
3 checks passed
@agilgur5 agilgur5 deleted the fix-ci-codecov branch December 31, 2024 21:03
agilgur5 added a commit that referenced this pull request Jan 3, 2025
@agilgur5
fix(ci): update codecov-action to v5 (#114)
abc477b 
* fix(ci): update `codecov-action` for tokenless uploads

- per https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token, it seems a newer version is required now

* token is apparently needed for `main` and other "unprefixed" branches

- c.f. https://docs.codecov.com/docs/codecov-tokens#tokenless-on-unprotected-branches

* remove token and change Codecov settings

apparently according to https://docs.codecov.com/docs/codecov-tokens#enabling-tokenless-uploads-for-public-repositories, there is a setting to enable this, however the setting itself does not say "public repos only" confusingly....

(cherry picked from commit 599f371)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
kind: internal Changes only affect the internals and not the API or usage scope: dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@agilgur5