Open drazisil-codecov opened 2 months ago
So, looking at the uploader code it seems you guys only send up CI_MERGE_REQUEST_SOURCE_BRANCH_SHA: https://github.com/codecov/uploader/blob/df81dff8884e7f3b8b06d55dce20d1182f0cb3d2/src/ci_providers/provider_gitlabci.ts#L42C27-L42C61
CI_COMMIT_SHA doesn't seem to be sent by the uploader, so that's an issue.
It is possible to get the CI_COMMIT_SHA from the Gitlab API if you know the project id and the job Id. The job id seems to uploaded by the uploader as the build: https://github.com/codecov/uploader/blob/df81dff8884e7f3b8b06d55dce20d1182f0cb3d2/src/ci_providers/provider_gitlabci.ts#L11
So then you can make this call to the gitlab API using the codecov bot account and parse out the pipeline sha for that job:
curl --header "PRIVATE-TOKEN: -token-" "https://gitlab.com/api/v4/projects/31051509/jobs/7322098095" | jq .pipeline.sha
Using this SHA from the API based on the Job ID should work on gitlab REGARDLESS of which kind of pipeline is being run, merge result, or merge request pipelines.
This strikes me as either a CLI / Uploader fix, or potentially fixable via the worker by using the aforementioned API call to get the correct commit from the job id which we're currently sending on upload.
Will leave to assigned engineer to determine appropriate fix.
@giovanni-guidini to share on update later today.
[UPDATE] Thanks for the patience with this issue, first of all 🙏 Sadly I've been busy with other things.
I have been trying to get a demo repo with merge result pipeline enabled, but I haven't succeeded with that yet. Without the demo repo it will be a bit hard to test for sure.
In the mean time it does seem that this issue affects other integrations with GitLab based on this issue - if that issue was solved then our issue would also be, I suppose. (I assume that we fail the "branch pipeline" by sending the status to the branch source.
In any case I think we can use the worker to directly discover if we need to send extra notifications. Ideally we wouldn't save a temporary commit ID in the DB.
I can confirm that the issue still exists this morning.
From the customer:
From the logs from the codecov uploader we have these two variables:
You are posting the checks against CI_MERGE_REQUEST_SOURCE_BRANCH_SHA but then need to be posted against CI_COMMIT_SHA instead. Coverage should be attributed to CI_MERGE_REQUEST_SOURCE_BRANCH_SHA, which is working properly, but the commit checks need to go back to CI_COMMIT_SHA to block the MR from merging. Sending them to the CI_COMMIT_SHA does NOT cause the Gitlab UI to block the MR from merging when Merge Result pipelines is turned on.
Slack Message