From d060c7f457c2a6effa07e7496115c69a94ba9fed Mon Sep 17 00:00:00 2001
From: Cristhian Garcia <crisgarta8@gmail.com>
Date: Thu, 25 Apr 2024 10:09:44 -0500
Subject: [PATCH 1/2] build: replace codecov with
python-coverage-comment-action
---
.coveragerc | 1 +
.github/workflows/ci.yml | 26 +++++++++++++++++++++---
.github/workflows/coverage.yml | 36 ++++++++++++++++++++++++++++++++++
3 files changed, 60 insertions(+), 3 deletions(-)
create mode 100644 .github/workflows/coverage.yml
diff --git a/.coveragerc b/.coveragerc
index adb924a7..33e85bff 100644
--- a/.coveragerc
+++ b/.coveragerc
@@ -1,5 +1,6 @@
[run]
branch = True
+relative_files = True
data_file = .coverage
source=event_routing_backends
omit =
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9ceb20ed..29ce6806 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -17,6 +17,14 @@ jobs:
os: [ubuntu-20.04]
python-version: ['3.8']
toxenv: [quality, docs, pii_check, django32, django42]
+ permissions:
+ # Gives the action the necessary permissions for publishing new
+ # comments in pull requests.
+ pull-requests: write
+ # Gives the action the necessary permissions for pushing data to the
+ # python-coverage-comment-action branch, and for editing existing
+ # comments (to avoid publishing multiple comments in the same PR)
+ contents: write
steps:
- uses: actions/checkout@v4
@@ -38,7 +46,19 @@ jobs:
- name: Run Coverage
if: matrix.python-version == '3.8' && matrix.toxenv=='django42'
- uses: codecov/codecov-action@v3
+ uses: py-cov-action/python-coverage-comment-action@v3
with:
- flags: unittests
- fail_ci_if_error: true
+ GITHUB_TOKEN: ${{ github.token }}
+ MINIMUM_GREEN: 90
+ MINIMUM_ORANGE: 85
+ ANNOTATE_MISSING_LINES: true
+ ANNOTATION_TYPE: error
+
+ - name: Store Pull Request comment to be posted
+ uses: actions/upload-artifact@v4
+ if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true'
+ with:
+ # If you use a different name, update COMMENT_ARTIFACT_NAME accordingly
+ name: python-coverage-comment-action
+ # If you use a different name, update COMMENT_FILENAME accordingly
+ path: python-coverage-comment-action.txt
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
new file mode 100644
index 00000000..a36cf242
--- /dev/null
+++ b/.github/workflows/coverage.yml
@@ -0,0 +1,36 @@
+# .github/workflows/coverage.yml
+name: Post coverage comment
+
+on:
+ workflow_run:
+ workflows: ["Python CI"]
+ types:
+ - completed
+
+jobs:
+ test:
+ name: Run tests & display coverage
+ runs-on: ubuntu-latest
+ if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
+ permissions:
+ # Gives the action the necessary permissions for publishing new
+ # comments in pull requests.
+ pull-requests: write
+ # Gives the action the necessary permissions for editing existing
+ # comments (to avoid publishing multiple comments in the same PR)
+ contents: write
+ # Gives the action the necessary permissions for looking up the
+ # workflow that launched this workflow, and download the related
+ # artifact that contains the comment to be published
+ actions: read
+ steps:
+ # DO NOT run actions/checkout here, for security reasons
+ # For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+ - name: Post comment
+ uses: py-cov-action/python-coverage-comment-action@v3
+ with:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }}
+ # Update those if you changed the default values:
+ # COMMENT_ARTIFACT_NAME: python-coverage-comment-action
+ # COMMENT_FILENAME: python-coverage-comment-action.txt
From 800b2011a0f923cef9927d799adac7b6e730a416 Mon Sep 17 00:00:00 2001
From: Cristhian Garcia <crisgarta8@gmail.com>
Date: Thu, 25 Apr 2024 10:24:00 -0500
Subject: [PATCH 2/2] build: update codecov action to use repo-specific tokens
---
.coveragerc | 1 -
.github/workflows/ci.yml | 27 ++++---------------------
.github/workflows/coverage.yml | 36 ----------------------------------
3 files changed, 4 insertions(+), 60 deletions(-)
delete mode 100644 .github/workflows/coverage.yml
diff --git a/.coveragerc b/.coveragerc
index 33e85bff..adb924a7 100644
--- a/.coveragerc
+++ b/.coveragerc
@@ -1,6 +1,5 @@
[run]
branch = True
-relative_files = True
data_file = .coverage
source=event_routing_backends
omit =
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 29ce6806..2b46deef 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -17,14 +17,6 @@ jobs:
os: [ubuntu-20.04]
python-version: ['3.8']
toxenv: [quality, docs, pii_check, django32, django42]
- permissions:
- # Gives the action the necessary permissions for publishing new
- # comments in pull requests.
- pull-requests: write
- # Gives the action the necessary permissions for pushing data to the
- # python-coverage-comment-action branch, and for editing existing
- # comments (to avoid publishing multiple comments in the same PR)
- contents: write
steps:
- uses: actions/checkout@v4
@@ -46,19 +38,8 @@ jobs:
- name: Run Coverage
if: matrix.python-version == '3.8' && matrix.toxenv=='django42'
- uses: py-cov-action/python-coverage-comment-action@v3
+ uses: codecov/codecov-action@v4
with:
- GITHUB_TOKEN: ${{ github.token }}
- MINIMUM_GREEN: 90
- MINIMUM_ORANGE: 85
- ANNOTATE_MISSING_LINES: true
- ANNOTATION_TYPE: error
-
- - name: Store Pull Request comment to be posted
- uses: actions/upload-artifact@v4
- if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true'
- with:
- # If you use a different name, update COMMENT_ARTIFACT_NAME accordingly
- name: python-coverage-comment-action
- # If you use a different name, update COMMENT_FILENAME accordingly
- path: python-coverage-comment-action.txt
+ flags: unittests
+ fail_ci_if_error: true
+ token: ${{ secrets.CODECOV_TOKEN }}
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
deleted file mode 100644
index a36cf242..00000000
--- a/.github/workflows/coverage.yml
+++ /dev/null
@@ -1,36 +0,0 @@
-# .github/workflows/coverage.yml
-name: Post coverage comment
-
-on:
- workflow_run:
- workflows: ["Python CI"]
- types:
- - completed
-
-jobs:
- test:
- name: Run tests & display coverage
- runs-on: ubuntu-latest
- if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
- permissions:
- # Gives the action the necessary permissions for publishing new
- # comments in pull requests.
- pull-requests: write
- # Gives the action the necessary permissions for editing existing
- # comments (to avoid publishing multiple comments in the same PR)
- contents: write
- # Gives the action the necessary permissions for looking up the
- # workflow that launched this workflow, and download the related
- # artifact that contains the comment to be published
- actions: read
- steps:
- # DO NOT run actions/checkout here, for security reasons
- # For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
- - name: Post comment
- uses: py-cov-action/python-coverage-comment-action@v3
- with:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }}
- # Update those if you changed the default values:
- # COMMENT_ARTIFACT_NAME: python-coverage-comment-action
- # COMMENT_FILENAME: python-coverage-comment-action.txt