AndreKurait
commented
1 month ago Workaround is to close the PR and make a new one e.g. https://github.com/opensearch-project/opensearch-migrations/pull/1019
Open AndreKurait opened 1 month ago
AndreKurait
commented
1 month ago Workaround is to close the PR and make a new one e.g. https://github.com/opensearch-project/opensearch-migrations/pull/1019
G-Rath
commented
1 month ago I'm getting this quite a lot suddenly on https://github.com/google/osv-scanner - this only started happening in the last couple of weeks and afaik there have not been any changes to the branch protection rules (@another-rex could you confirm this?)
Some action examples:
greg0ire
commented
1 month ago @thomasrockhu can you please look into this one? 🙏
greg0ire
commented
4 weeks ago @thomasrockhu-codecov seems to be a better handle to ping :)
thomasrockhu-codecov
commented
1 week ago @greg0ire @AndreKurait noting that I see this. Am asking the team what the expected behavior is but from what I can tell, we have always had protected branches require a token.
@AndreKurait have you seen this come up again or was it that one time?
thomasrockhu-codecov
commented
1 week ago @G-Rath please let me know if there was a change in branch protection rules
G-Rath
commented
1 week ago @thomasrockhu-codecov I don't know as I'm not the owner of the repository, but I've not seen this failure for a few weeks so I assume it's just been fixed 🤷
greg0ire
commented
1 week ago @thomasrockhu-codecov I no longer see the _error message on my repository, but I still have an issue: the upload is never processed. I will file a separate bug report.
greg0ire
commented
1 week ago thomasrockhu-codecov
commented
1 week ago Going to close this one out for now, @greg0ire I'll take a look at that issue
AndreKurait
commented
1 week ago @thomasrockhu-codecov I just hit this again, can we reopen this?
I only ever get it after pushing multiple commits after creating a PR.
It appears to be a bug in detecting the fork ==> Fork detected, tokenless uploading used, whereas the PR and action is on a public repo.
Run codecov/codecov-action@v4
with:
files: ./coverage.xml
flags: python-test
fail_ci_if_error: true
env:
python-version: 3.11
java-version: 11
gradle-version: 8.0.[2](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:2)
node-version: 18.x
pythonLocation: /opt/hostedtoolcache/Python/[3](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:3).11.10/x64
PKG_CONFIG_PATH: /opt/hostedtoolcache/Python/3.11.10/x6[4](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:4)/lib/pkgconfig
Python_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.10/x64
Python2_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.10/x64
Python3_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.10/x64
LD_LIBRARY_PATH: /opt/hostedtoolcache/Python/3.11.10/x64/lib
eventName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:ClusterTools
==> Fork detected, tokenless uploading used
==> linux OS detected
https://cli.codecov.io/latest/linux/codecov.SHA2[5](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:5)6SUM
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 80[6](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:6)BB28AED[7](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:7)79869: public key "Codecov Uploader (Codecov Uploader Verification Key) <security@codecov.io>" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: Signature made Fri Oct 1[8](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:8) 16:02:53 2024 UTC
gpg: using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED77[9](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:9)869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <security@codecov.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C 62FF 806B B28A ED77 9869
==> Uploader SHASUM verified (452ad3c57dc4ff698e9ca36786a2d09be5db254c32c4a4fb6d08c18146e4d8c1 codecov)
==> Running version latest
==> Running version v0.8.0
==> Running git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
/usr/bin/git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit --git-service github -B AndreKurait:ClusterTools -C 0a777ce0e5265921a8b2a4f682300[10](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:10)5f085a2ad -Z
info - 2024-[11](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:11)-07 15:44:12,801 -- ci service found: github-actions
info - 2024-11-07 15:44:[12](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:12),811 -- The PR is happening in a forked repo. Using tokenless upload.
info - 2024-11-07 15:44:[13](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:13),304 -- Process Commit creating complete
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report --git-service github -C 0a777ce0e5265921a8b2a4f682300105f085a2ad -Z
info - 2024-11-07 15:44:[14](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:14),021 -- ci service found: github-actions
info - 2024-11-07 [15](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:15):44:14,451 -- Process Report creating complete
error - 2024-11-07 15:44:14,451 -- Report creating failed: {"message":"Token required because branch is protected"}
Error: Codecov:
Failed to properly create report: The process '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov' failed with exit code 1It's inconsistent because another action on the same commit passed
0s
1m 18s
5s
Run codecov/codecov-action@v4
eventName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:ClusterTools
==> Fork detected, tokenless uploading used
==> linux OS detected
https://cli.codecov.io/latest/linux/codecov.SHA256SUM
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <security@codecov.io>" imported
gpg: Total number processed: [1](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:1)
gpg: imported: 1
gpg: Signature made Fri Oct [18](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:19) 16:02:53 2024 UTC
gpg: using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <security@codecov.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C 62FF 806B B28A ED77 9869
==> Uploader SHASUM verified (452ad3c57dc4ff698e9ca36786a2d09be5db254c32c4a4fb6d08c18146e4d8c1 codecov)
==> Running version latest
==> Running version v0.8.0
==> Running git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
/usr/bin/git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit --git-service github -B AndreKurait:ClusterTools -C 0a777ce0e5265921a8b2a4f682300105f085a2ad -Z
info - 2024-11-07 15:45:03,116 -- ci service found: github-actions
info - 2024-11-07 15:45:03,126 -- The PR is happening in a forked repo. Using tokenless upload.
info - 2024-11-07 15:45:03,626 -- Process Commit creating complete
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report --git-service github -C 0a777ce0e5265921a8b2a4f682300105f085a2ad -Z
info - 2024-11-07 15:45:04,340 -- ci service found: github-actions
info - 2024-11-07 15:45:05,[19](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:20)3 -- Process Report creating complete
info - [20](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:21)24-11-07 15:45:05,194 -- Finished creating report successfully --- {"response": "{\"status\":\"queued\"}\n"}
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov do-upload'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov do-upload -Z -f ./coverage.xml -F python-test --git-service github -C 0a777ce0e52659[21](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:22)a8b2a4f682300105f085a2ad
info - 2024-11-07 15:45:05,908 -- ci service found: github-actions
warning - 2024-11-07 15:45:05,919 -- xcrun is not installed or can't be found.
warning - 2024-11-07 15:45:05,944 -- No gcov data found.
warning - 2024-11-07 15:45:05,944 -- coverage.py is not installed or can't be found.
warning - 2024-11-07 15:45:05,976 -- Some files were not found --- {"not_found_files": ["coverage.xml"]}
info - 2024-11-07 15:45:06,016 -- Found 1 coverage files to report
info - 2024-11-07 15:45:06,016 -- > /home/runner/work/opensearch-migrations/opensearch-migrations/TrafficCapture/dockerSolution/src/main/docker/migrationConsole/cluster_tools/coverage.xml
info - 2024-11-07 15:45:06,568 -- Your upload is now processing. When finished, results will be available at: https://app.codecov.io/github/opensearch-project/opensearch-migrations/commit/0a777ce0e5265921a8b2a4f68[23](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:24)00105f085a2ad
info - 2024-11-07 15:45:06,750 -- Process Upload complete@AndreKurait got it, taking a look
bobleesj
commented
1 week ago @thomasrockhu-codecov Not sure if would help but wanted to share that we are seeing this issue too. No branch projection has been added.
The first commit passes https://github.com/diffpy/diffpy.utils/pull/158/commits/87a5b6de22fe03ffbfe20ed1a489bac3dc942880, but when a new commit (https://github.com/diffpy/diffpy.utils/pull/158/commits/f45ba82518407988b66f4bf32f914e1938f43d6b) is added, it starts to fail with the message.
thomasrockhu-codecov
commented
1 week ago This one is really strange, I'm syncing with the product team to try to understand why this is happening.
That said, we are planning to release action@v5 in the next 2 weeks (likely next week) which SHOULD fix this issue too.
thomasrockhu-codecov
commented
6 days ago Leaving a tasklist of some issues/PRs that will mitigate/fix the issue
thomasrockhu-codecov
commented
5 days ago @bobleesj @AndreKurait we pushed a different change from the tasklist above that I think will solve a race condition we were having. Can you see if this issue is still happening?
bobleesj
commented
5 days ago @thomasrockhu-codecov Thanks! Yup will do.
thomasrockhu-codecov
commented
5 days ago @AndreKurait everything ok? I got a message in my email and just wanted to double-check
AndreKurait
commented
5 days ago We had some failures tonight with a new error message.
debug - 2024-11-13 03:02:19,983 -- Report creating result --- {"result": "RequestResult(error=RequestError(code='HTTP Error 400', params={}, description='[{\"input\":{\"branch\":\"AndreKurait:DisableCodeCovAsRequired\",\"commit_id\":\"6c43932a06a2d9bb5e3ca9b269a28738749ca981\",\"repo_id\":15896619,\"repo_name\":\"opensearch-migrations\"},\"loc\":[\"id\"],\"msg\":\"Field required\",\"type\":\"missing\",\"url\":\"[https://errors.pydantic.dev/2.4/v/missing\](https://errors.pydantic.dev/2.4/v/missing/)"}]\\n'), warnings=[], status_code=400, text='[{\"input\":{\"branch\":\"AndreKurait:DisableCodeCovAsRequired\",\"commit_id\":\"6c43932a06a2d9bb5e3ca9b269a28738749ca981\",\"repo_id\":15896619,\"repo_name\":\"opensearch-migrations\"},\"loc\":[\"id\"],\"msg\":\"Field required\",\"type\":\"missing\",\"url\":\"[https://errors.pydantic.dev/2.4/v/missing\](https://errors.pydantic.dev/2.4/v/missing/)"}]\\n')"}
error - 2024-11-13 03:02:19,983 -- Report creating failed: [{"input":{"branch":"AndreKurait:DisableCodeCovAsRequired","commit_id":"6c43932a06a2d9bb5e3ca9b269a28738749ca981","repo_id":15896619,"repo_name":"opensearch-migrations"},"loc":["id"],"msg":"Field required","type":"missing","url":"https://errors.pydantic.dev/2.4/v/missing"}]Made some PRs which passed, and some failed.
I have a suspicion there's some throttling limits involved, so i set up some actions to retry 20 times, and observed this error message occur consistently.
I looked into our use of tokens, and saw we were triggering our action on pull_request which doesn't have access to secrets, and thus wouldn't have access to the codecov token. I'm switching it to pull_request_target which looks promising in initial testing.
thomasrockhu-codecov
commented
4 days ago @AndreKurait do you have CI link to think? I can take a look
found it
thomasrockhu-codecov
commented
3 days ago @AndreKurait we pushed a fix for this earlier today, can you try again?
bobleesj
commented
3 days ago @thomasrockhu-codecov just wanted to share we've had no issues so far, around 3-4 PRs across 2-3 repos since then.
pellared
commented
3 days ago EDIT: most likely caused by:
You must now upload using a token. Upload with either the global upload token or the repo upload token. Contact your admins to manage the upload token settings.
I started to have this issue today. Example:
Run codecov/codecov-action@v5.0.0
with:
fail_ci_if_error: true
files: ./coverage.out
flags: Linux
disable_file_fixes: false
disable_search: false
disable_safe_directory: false
dry_run: false
git_service: github
gcov_executable: gcov
handle_no_reports_found: false
skip_validation: false
use_legacy_upload_endpoint: false
use_oidc: false
verbose: false
version: latest
Run git config --global --add safe.directory /home/runner/work/splunk-otel-go/splunk-otel-go
git config --global --add safe.directory /home/runner/work/splunk-otel-go/splunk-otel-go
shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
Run if [ false == 'true' ];
if [ false == 'true' ];
then
# {"count":1984,"value":"***"}
CODECOV_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=api://AzureADTokenExchange" | cut -d\' -f6)
echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> $GITHUB_ENV
else
if [ -n ];
then
CODECOV_TOKEN=
echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> $GITHUB_ENV
fi
fi
shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
Run ${GITHUB_ACTION_PATH}/dist/codecov.sh
${GITHUB_ACTION_PATH}/dist/codecov.sh
shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
env:
CODECOV_TOKEN:
CC_BINARY:
CC_BRANCH:
CC_BUILD:
CC_BUILD_URL:
CC_CODE:
CC_DIR:
CC_DISABLE_FILE_FIXES: false
CC_DISABLE_SEARCH: false
CC_DRY_RUN: false
CC_ENTERPRISE_URL:
CC_ENV:
CC_EXCLUDES:
CC_FAIL_ON_ERROR: true
CC_FILES: ./coverage.out
CC_FLAGS: Linux
CC_GCOV_ARGS:
CC_GCOV_EXECUTABLE: gcov
CC_GCOV_IGNORE:
CC_GCOV_INCLUDE:
CC_GIT_SERVICE: github
CC_HANDLE_NO_REPORTS_FOUND: false
CC_JOB_CODE:
CC_LEGACY: false
CC_NAME:
CC_NETWORK_FILTER:
CC_NETWORK_PREFIX:
CC_NETWORK_ROOT_FOLDER:
CC_OS:
CC_PARENT_SHA:
CC_PLUGINS:
CC_PR:
CC_REPORT_TYPE:
CC_SHA:
CC_SKIP_VALIDATION: false
CC_SLUG:
CC_SWIFT_PROJECT:
CC_TOKEN: $CODECOV_TOKEN
CC_VERBOSE: false
CC_VERSION: latest
CC_YML_PATH:
_____ _
/ ____| | |
| | ___ __| | ___ ___ _____ __
| | / _ \ / _` |/ _ \/ __/ _ \ \ / /
| |___| (_) | (_| | __/ (_| (_) \ V /
\_____\___/ \__,_|\___|\___\___/ \_/
Wrapper-0.0.[2](https://github.com/signalfx/splunk-otel-go/actions/runs/11844948800/job/33009327669?pr=3494#step:5:2)3
==> Detected linux
-> Downloading https://cli.codecov.io/latest/linux/codecov
==> Finishing downloading linux:latest
Version: v9.0.4
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <security@codecov.io>" imported
gpg: Total number processed: 1
gpg: imported: 1
==> Verifying GPG signature integrity
-> Downloading https://cli.codecov.io/latest/linux/codecov.SHA256SUM
-> Downloading https://cli.codecov.io/latest/linux/codecov.SHA256SUM.sig
gpg: Signature made Thu Nov 14 20:[3](https://github.com/signalfx/splunk-otel-go/actions/runs/11844948800/job/33009327669?pr=3494#step:5:3)2:01 2024 UTC
gpg: using RSA key 2703[4](https://github.com/signalfx/splunk-otel-go/actions/runs/11844948800/job/33009327669?pr=3494#step:5:4)E7FDB850E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <security@codecov.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB8[5](https://github.com/signalfx/splunk-otel-go/actions/runs/11844948800/job/33009327669?pr=3494#step:5:5) 0E0B BC2C 62FF 80[6](https://github.com/signalfx/splunk-otel-go/actions/runs/11844948800/job/33009327669?pr=3494#step:5:6)B B28A ED77 9869
codecov: OK
==> CLI integrity verified
-> Token of length 0 detected
==> Running create-commit
./codecov create-commit --fail-on-error --git-service github
info - 2024-11-14 20:33:52,663 -- ci service found: github-actions
warning - 2024-11-14 20:33:52,6[7](https://github.com/signalfx/splunk-otel-go/actions/runs/11844948800/job/33009327669?pr=3494#step:5:7)0 -- No config file could be found. Ignoring config.
info - 2024-11-14 20:33:52,[9](https://github.com/signalfx/splunk-otel-go/actions/runs/11844948800/job/33009327669?pr=3494#step:5:9)99 -- Process Commit creating complete
error - 2024-[11](https://github.com/signalfx/splunk-otel-go/actions/runs/11844948800/job/33009327669?pr=3494#step:5:11)-14 20:33:52,999 -- Commit creating failed: {"message":"Token required because branch is protected"}
==> Failed to create-commit
Exiting...
Error: Process completed with exit code 1.@pellared got it! I think I figured out the root cause, I hope to get a fix in by tomorrow (https://github.com/codecov/codecov-action/pull/1650)
KATT
commented
3 days ago This is still broken for me
thomasrockhu-codecov
commented
2 days ago @KATT do you mind trying on 5.0.1?
KATT
commented
2 days ago We use codecov/codecov-action@v5 which I (presume?) will just install the latest ^5.x.y
I can't test it without creating a new github user etc, so I'll see whenever a new PR drops in next, I force-merged the aforementioned one
On a public repo, i'm getting inconsistent results with codecov-v4
e.g. https://github.com/opensearch-project/opensearch-migrations/pull/1016
First Run - Successful
Subsequent Run - Failure