[infrastructure] Update Codecov upload steps

taocpp / PEGTL

Parsing Expression Grammar Template Library

Boost Software License 1.0

1.95k stars 229 forks source link

[infrastructure] Update Codecov upload steps #374

Closed uilianries closed 1 day ago

uilianries commented 1 day ago

The current Codecov is not receiving the Code coverage results anymore, the last report is 3 months old: https://app.codecov.io/gh/taocpp/PEGTL/tree/work

The Codecov changed a bit, now they have an integrated Github Action, that can be connected directly to project: https://github.com/marketplace/actions/codecov

The current upload steps are a bit different, not including the new integrated application, but the token used for upload: https://docs.codecov.com/docs/github-2-getting-a-codecov-account-and-uploading-coverage#install-the-github-app-integration

codecov[bot] commented 1 day ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 97.63%. Comparing base (3356c1b) to head (499eed0). Report is 66 commits behind head on work.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## work #374 +/- ## ========================================== - Coverage 99.27% 97.63% -1.65% ========================================== Files 362 365 +3 Lines 6939 7114 +175 Branches 0 202 +202 ========================================== + Hits 6889 6946 +57 Misses 50 50 - Partials 0 118 +118 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

d-frey commented 1 day ago

Thanks for working on this! I tried adding a code coverage job to taocpp/taopq, but it failed. Could you move the token from the PEGTL to the organization level (taocpp)? (Given that this would allow all taocpp-projects to use Codecov)

uilianries commented 1 day ago

@d-frey That's not possible, not because Github does not support (it does: https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization), but because Codecov generates different tokens for each project, as fine grain token, so in case one token is compromised, we don't risk all projects.

I can adjust it right now, but to you understand the steps:

Enter at https://app.codecov.io/gh/taocpp/taopq/config/general
Copy the token provided for taopq
Enter at https://github.com/taocpp/taopq/settings/secrets/actions
Add a "New Repository Secret"
Name it as CODECOV_TOKEN and pass the token as its value
Done!

uilianries commented 1 day ago

@d-frey @ColinH The Taopq is working again on the Codecov page: https://app.codecov.io/gh/taocpp/taopq. An incredible coverage of 96.96%!!!

I see other projects are not configured yet, I'll take a look by today during my evening.

d-frey commented 1 day ago

Thank you! I will bring the Badge back for the taopq README :)