codecov/codecov-bash

Upload fails on GitHub actions for public repositories when CODECOV_TOKEN is not available

Closed this issue · 3 comments

Uploading code coverage from Travis CI and friends

According to the documentation at https://docs.codecov.io/docs/about-the-codecov-bash-uploader#section-upload-token, when using the coverage uploader with a public project on

  • TravisCI
  • CircleCI
  • AppVeyor
  • Azure Pipelines

an upload token is not required.

For reference, see https://docs.codecov.io/docs/about-the-codecov-bash-uploader#section-upload-token.

Uploading code coverage from GitHub actions

When using GitHub actions, it is possible to provide the CODECOV_TOKEN as a secret, but it will only be available for builds triggered by users who have push privileges (maintainers or collaborators).

For open-source projects, this is usually not the case, which means that

  • uploading code coverage
  • code coverage check integrations
  • displaying code coverage in pull request comments

is not possible.

For reference, see https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets.

Workaround

In sebastianbergmann/phpunit#3921 we work around this by using GitHub actions as a primary system, but fall back to collecting code coverage using Travis CI.

However, this does not seem to be a viable solution for the longer term.

Long term solution?

Will there be a chance that uploading code coverage from public repositories will be made possible without the need to provide a CODECOV_TOKEN?

Not sure how the integration with Travis CI went, but when this worked with Travis CI, it should surely be possible with GitHub actions.

Hi @localheinz

This is currently a limitation of GitHub Actions not having an API for us to check.

We are tracking this request here: https://community.codecov.io/t/whitelist-github-action-servers-to-upload-without-a-token/491/8

Thank you, @drazisil!

I hope that this issue will be resolved soon.