I have been using GitHub Actions and the codecov-action in a public GitHub repository ("ncompare") that I help maintain, but recently this codecov upload step (in this test workflow) started raising errors, with messages about not having the codecov token.
The token is saved under the name "CODECOV_TOKEN" as a repository secret.
The errors have taken two forms. The first is (see full log here):
debug - 2024-04-09 13:05:05,527 -- Starting create commit process --- {"commit_sha": "dc6df2f3530a6c18f6b23ab63a8549754fae6e1f", "parent_sha": null, "pr": null, "branch": "develop", "slug": "nasa/ncompare", "token": null, "service": "github", "enterprise_url": null}
Error: Codecov token not found. Please provide Codecov token with -t flag.
Error: Codecov: Failed to properly create commit: The process '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov' failed with exit code 1
The second form is (see full log here):
[2024-04-08T18:04:32.790Z] ['info'] Pinging Codecov: https://codecov.io/upload/v4?package=github-action-3.1.6-uploader-0.7.2&token=*******&branch=develop&build=8604645331&build_url=https%3A%2F%2Fgithub.com%2Fnasa%2Fncompare%2Factions%2Fruns%2F8604645331&commit=0c5f7f070497072c670fca7cb4a65d97a4b6ce25&job=CI&pr=&service=github-actions&slug=nasa%2Fncompare&name=&tag=&flags=&parent=
[2024-04-08T18:04:32.790Z] ['verbose'] Passed token was 0 characters long
[2024-04-08T18:04:32.790Z] ['verbose'] https://codecov.io/upload/v4?package=github-action-3.1.6-uploader-0.7.2&branch=develop&build=8604645331&build_url=https%3A%2F%2Fgithub.com%2Fnasa%2Fncompare%2Factions%2Fruns%2F8604645331&commit=0c5f7f070497072c670fca7cb4a65d97a4b6ce25&job=CI&pr=&service=github-actions&slug=nasa%2Fncompare&name=&tag=&flags=&parent=
Content-Type: 'text/plain'
Content-Encoding: 'gzip'
X-Reduced-Redundancy: 'false'
[2024-04-08T18:04:32.989Z] ['error'] There was an error running the uploader: Error uploading to https://codecov.io: Error: There was an error fetching the storage URL during POST: 404 - {'detail': ErrorDetail(string='Unable to locate build via Github Actions API. Please upload with the Codecov repository upload token to resolve issue.', code='not_found')}
[2024-04-08T18:04:32.990Z] ['verbose'] The error stack is: Error: Error uploading to https://codecov.io: Error: There was an error fetching the storage URL during POST: 404 - {'detail': ErrorDetail(string='Unable to locate build via Github Actions API. Please upload with the Codecov repository upload token to resolve issue.', code='not_found')}
at main (/snapshot/repo/dist/src/index.js)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
[2024-04-08T18:04:32.990Z] ['verbose'] End of uploader: 552 milliseconds
Error: Codecov: Failed to properly upload: The process '/home/runner/work/_actions/codecov/codecov-action/v3/dist/codecov' failed with exit code 255
codecov-action.with:
token: ${{ secrets.CODECOV_TOKEN }}
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
Based on your workflow file, you are triggering them as workflow_call. To get around the issue with missing token, you have to pass your secrets into your workflow_call job in reusable_run_tests.yml.
Here's an example based on your code:
In resuable_run_tests.yml:
on:
workflow_call:
secrets:
codecov_token:
required: true
workflow_dispatch:
jobs:
build_and_test:
runs-on: ubuntu-latest
...
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.codecov_token }}
verbose: true
Then in your caller job, which in your case is in pull-request-received.yml, you call the job above by passing in the CodeCov token as a secret from your repository. This way, you don't expose your CodeCov token.
jobs:
build_and_test:
uses: ./.github/workflows/reusable_run_tests.yml
secrets:
codecov_token: ${{ secrets.CODECOV_TOKEN }}
I hope this helps!