Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pin codecov action to v4.5.0 and update dependabot.yml to ignore v4.6.0 #222

Merged
merged 1 commit into from
Oct 4, 2024

Conversation

alisonlhart
Copy link
Contributor

@alisonlhart alisonlhart commented Oct 3, 2024

Changes the codecov version in our tox workflow from v4 to v4.5.0, since v4.6.0 introduced a regression causing this error:

Error: Codecov: Failed to get OIDC token with url: https://codecov.io./ Error message: Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable

Updates dependabot.yml to skip version v4.6.0.
Adds dependabot.yml to the .ansible-lint exclude_paths list, since it's failing on the quotes surrounding the dependency_name and versions values.

Codecov issue: codecov/codecov-action#1594

@alisonlhart alisonlhart added the bug Something isn't working label Oct 3, 2024
@alisonlhart alisonlhart requested a review from a team as a code owner October 3, 2024 16:18
@alisonlhart alisonlhart requested review from audgirka and sshedmake and removed request for a team October 3, 2024 16:18
@alisonlhart alisonlhart requested review from ssbarnea, cidrblock and shatakshiiii and removed request for audgirka and sshedmake October 3, 2024 16:19
Copy link
Member

@ssbarnea ssbarnea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also modify dependabot config to prevent it from picking v4.6.0 when running on action otherwise, you change will be undone by it.

See https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#ignore

I think that we can assume that next version will address the issue, just skip 4.6.0

@alisonlhart
Copy link
Contributor Author

@ssbarnea Added!

@alisonlhart alisonlhart changed the title Pin codecov version to 4.5.0 Pin codecov action to v4.5.0 and update dependabot.yml to ignore v4.6.0 Oct 4, 2024
@alisonlhart alisonlhart force-pushed the fix/pin-codecov-version branch from d9c4680 to 2e5b975 Compare October 4, 2024 16:19
@alisonlhart alisonlhart force-pushed the fix/pin-codecov-version branch from 2e5b975 to f0a6ba1 Compare October 4, 2024 19:06
@alisonlhart alisonlhart requested a review from Qalthos October 4, 2024 19:23
@alisonlhart alisonlhart merged commit 4d47dff into ansible:main Oct 4, 2024
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

3 participants