You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The issue here is that this happening on pull requests coming from external forks, triggered on pull_request, so they do not have access to the environment secrets.
Changing the workflow definition to trigger on pull_request_target would prevent us from testing genuine pull requests that are fixing GHA workflows themselves. A bit of a chicken and the egg kind of issue.
Should I maybe upload test results only for jobs triggered on pushes and avoid running them for pull-requests?
PS. In fact I am wondering why this action was developed separately instead of just extending codecov/codecov-action to also allow upload of test results. It would have being much easier from many points of view, including addressing the authentication challenges.
The text was updated successfully, but these errors were encountered:
As opposed to its older sibling https://github.com/codecov/codecov-action this action does not support
use_oidcflag.The issue here is that this happening on pull requests coming from external forks, triggered on
pull_request, so they do not have access to the environment secrets.Changing the workflow definition to trigger on
pull_request_targetwould prevent us from testing genuine pull requests that are fixing GHA workflows themselves. A bit of a chicken and the egg kind of issue.Should I maybe upload test results only for jobs triggered on pushes and avoid running them for pull-requests?
PS. In fact I am wondering why this action was developed separately instead of just extending
codecov/codecov-actionto also allow upload of test results. It would have being much easier from many points of view, including addressing the authentication challenges.The text was updated successfully, but these errors were encountered: