coveralls action failing with "getaddrinfo EAI_AGAIN coveralls.io"

[bluca]

Run coverallsapp/github-action@1.1.3
  with:
    github-token: ***
    path-to-lcov: ./build/meson-logs/coverage.info
    coveralls-endpoint: https://coveralls.io
Using lcov file: ./build/meson-logs/coverage.info
Error: Error: getaddrinfo EAI_AGAIN coveralls.io

https://github.com/systemd/systemd/pull/20837/commits/ce50573f63ef0ebf3475f5f17a68a4800782048d https://github.com/systemd/systemd/pull/20837/checks?check_run_id=3704188045

Any idea what that error is and how to fix it?

[bluca]

tried latest master, doesn't work either

[evverx]

I don't think the GHAction in that PR had access to secrets.GITHUB_TOKEN (because it was triggered on "pull_request" from your external fork). Could you try opening a PR from a branch in the systemd repository? Judging by https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ it seems another option would be to switch to pull_request_target (which is generally frowned upon as far as I can tell)

[evverx]

Turns out the tests mess something up horribly and the GHAction gets to the point where coveralls.io can't be resolved. I tried to turn off the unsafe tests, fuzz targets and slow tests in https://github.com/evverx/systemd/pull/7 to fix it but unfortunately it didn't work out. Anyway, I don't think it has anything to do with the coveralls GHAction.

[evverx]

I finally managed to send data to coveralls by removing sudo and running the tests as a non-root user (to prevent the tests from breaking anything): https://coveralls.io/builds/43064381. I'm still not sure where exactly the culprit is though

[bluca]

Oh wow, good catch - I'll try to switch to running the tests under a network namespace

[bluca]

That fixed it - thank you for the hint!