Closed bernhardkaindl closed 1 week ago
I'd rather revert the change that introduced v4, or use coveralls rather than adding this much complexity. Is coveralls more stable than codecov?
I agree with Pau; complexity in these nice-to-have features will cause breakage down the line that will be expensive to fix.
coveralls works well to upload coverage for both python versions: https://coveralls.io/builds/68333955
The merge of #5734 on master (merge commit on master: https://github.com/xapi-project/xen-api/commit/5bd9b86b30c9c02d3b702b45194fd5943e8ca10a) uses OpenID Connect (OIDC) to have a token-based coverage upload to Codecov.
But because OpenID Connect is only available for builds from users that use OIDC:
Docs on the Codecov action and using OIDC: https://github.com/marketplace/actions/codecov#using-oidc
The most reliable way to upload to codecov.io is codecov@v4 with the CODECOV_TOKEN secret.
Without that hurdle jumped, we only have the option of fallbacks:
This PR implements all these fallbacks. These are useful for the xapi-project/xen-api and for working on and with forks.
If xapi-project/xen-api adopts the setup of the CODECOV_TOKEN, also forks of it would use it. GitHub is trusted to protect the tokens like it it is trusted with all other GitHub action secrets.