-
Notifications
You must be signed in to change notification settings - Fork 205
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
oidc: Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable #1594
Comments
Apparently v4.6.0 release included a single relevant change well hidden inside the long list of CI/build changes, as #1511 -- and it seems to be related to oidc. Less important, but I bet others will appreciate if you would tune the changelog generation to at least use sections for the type of changes made or even to hide the non-relevant changes, so they would be easier to read. |
@thomasrockhu-codecov can you please look into this? We have the confirmation that this was a regression introduced by v4.6.0. I would personally unpublish it or at least move the Minor version changes are not supposed to break integration. What makes it worse is the if we switch to |
Another workaround: - name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v4
with:
use_oidc: ${{ !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) }} The error only happens when the |
oidc does not work on PR from a fork (issue: codecov/codecov-action#1594)
oidc does not work on PR from a fork (issue: codecov/codecov-action#1594)
A very recent regression appeared for OIDC in the last couple of days and today I faces same error in two repositories that are using the OIDC authentication for uploading the coverage results.
We googled the error and we checked if we have the required permissions as below, but still we seen the failure.
Considering that https://github.com/codecov/codecov-action/releases/tag/v4.6.0 was release two days ago, I wonder if that regression was not introduce in this release as the upload was working fine before. We use the
v4
versioning tag because we assumed that minor version bumps would not introduce breakages.Examples:
The text was updated successfully, but these errors were encountered: