Upload failed: {"detail":"Not valid tokenless upload"} #81
Comments
|
Is there any reason the PR with a fix was not merged? I agree that being able to use OIDC would be very useful.` |
|
Any progress on this feature request? I saw #101 but seems to be a couple of months old |
|
Hey everyone, Thanks for your patience on this! Here’s the latest update on tokenless uploads and OIDC support: When it comes to OIDC Support, a new PR has been opened to improve the use_oidc functionality (PR #113). It is currently being finalized and is expected to be merged within the next week. For tokenless Uploads for Test Analytics, recent changes in our system caused test analytics to fall out of sync with tokenless uploads. However, we’ve now merged fixes in Codecov API PR #1187 and an internal issue, which should have resolved this issue. Tokenless uploads should now be working as expected for test analytics. If you’re still encountering issues, please let us know. |
As opposed to its older sibling https://github.com/codecov/codecov-action this action does not support
use_oidcflag.The issue here is that this happening on pull requests coming from external forks, triggered on
pull_request, so they do not have access to the environment secrets.Changing the workflow definition to trigger on
pull_request_targetwould prevent us from testing genuine pull requests that are fixing GHA workflows themselves. A bit of a chicken and the egg kind of issue.Should I maybe upload test results only for jobs triggered on pushes and avoid running them for pull-requests?
PS. In fact I am wondering why this action was developed separately instead of just extending
codecov/codecov-actionto also allow upload of test results. It would have being much easier from many points of view, including addressing the authentication challenges.The text was updated successfully, but these errors were encountered: