Upload fails on GitHub actions for public repositories when CODECOV_TOKEN is not available
Closed this issue · 3 comments
Uploading code coverage from Travis CI and friends
According to the documentation at https://docs.codecov.io/docs/about-the-codecov-bash-uploader#section-upload-token, when using the coverage uploader with a public project on
- TravisCI
- CircleCI
- AppVeyor
- Azure Pipelines
an upload token is not required.
For reference, see https://docs.codecov.io/docs/about-the-codecov-bash-uploader#section-upload-token.
Uploading code coverage from GitHub actions
When using GitHub actions, it is possible to provide the CODECOV_TOKEN
as a secret, but it will only be available for builds triggered by users who have push privileges (maintainers or collaborators).
For open-source projects, this is usually not the case, which means that
- uploading code coverage
- code coverage check integrations
- displaying code coverage in pull request comments
is not possible.
For reference, see https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets.
Workaround
In sebastianbergmann/phpunit#3921 we work around this by using GitHub actions as a primary system, but fall back to collecting code coverage using Travis CI.
However, this does not seem to be a viable solution for the longer term.
Long term solution?
Will there be a chance that uploading code coverage from public repositories will be made possible without the need to provide a CODECOV_TOKEN
?
Not sure how the integration with Travis CI went, but when this worked with Travis CI, it should surely be possible with GitHub actions.
/cc @nat
Hi @localheinz
This is currently a limitation of GitHub Actions not having an API for us to check.
We are tracking this request here: https://community.codecov.io/t/whitelist-github-action-servers-to-upload-without-a-token/491/8
Thank you, @drazisil!
I hope that this issue will be resolved soon.