actions/codecov-action
1
0
Fork 0
mirror of https://github.com/codecov/codecov-action.git synced 2025-12-23 12:17:01 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: allow for authentication via OIDC token (#1330)

Browse Source 
* fix: allow for oidc token

* chore(docs): update docs with use_oidc argument

* Update action.yml

Co-authored-by: Cristian Le <github@lecris.me>

* chore(release): 4.2.0

---------

Co-authored-by: Cristian Le <github@lecris.me>
This commit is contained in:
Tom Hu
2024-04-03 15:41:48 -07:00
committed by GitHub
parent 3a20752bdd
commit d820d60619
10 changed files with 351 additions and 279 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
README.md
View File

@@ -64,44 +64,56 @@ steps:
> [!NOTE]
> This assumes that you've set your Codecov token inside *Settings > Secrets* as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are *not* available to forks of repositories.
### Using OIDC
For users with [OpenID Connect(OIDC) enabled](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect), the Codecov token is not necessary. You can use OIDC with the `use_oidc` argument as following.
```yaml
- uses: codecov/codecov-action@v4
with:
use_oidc: true
```
Any token supplied will be ignored, as Codecov will default to the OIDC token for verification.
## Arguments
Codecov's Action supports inputs from the user. These inputs, along with their descriptions and usage contexts, are listed in the table below:
| Input | Description | Required |
| :--- | :--- | :---: |
| `token` | Repository Codecov token. Used to authorize report uploads | *Required
| `codecov_yml_path` | Specify the path to the Codecov YML | Optional
| `commit_parent` | Override to specify the parent commit SHA | Optional
| `directory` | Directory to search for coverage reports. | Optional
| `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the --file option. | Optional
| `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets) | Optional
| `dry_run` | Don't upload files to Codecov | Optional
| `env_vars` | Environment variables to tag the upload with (e.g. PYTHON \| OS,PYTHON) | Optional
| `exclude` | Folders to exclude from search | Optional
| `fail_ci_if_error` | Specify whether or not CI build should fail if Codecov runs into an error during upload | Optional
| `file` | Path to coverage file to upload | Optional
| `files` | Comma-separated list of files to upload | Optional
| `flags` | Flag upload to group coverage metrics (e.g. unittests \| integration \| ui,chrome) | Optional
| `handle_no_reports_found` | Raise no exceptions when no coverage reports found | Optional
| `job_code` | The job code | Optional
| `name` | User defined upload name. Visible in Codecov UI | Optional
| `os` | Override the assumed OS. Options are linux \| macos \| windows \| . | Optional
| `override_branch` | Specify the branch name | Optional
| `override_build` | Specify the build number | Optional
| `override_build_url` | The URL of the build where this is running | Optional
| `override_commit` | Specify the commit SHA | Optional
| `override_pr` | Specify the pull request number | Optional
| `plugin` | plugins to run. Options: xcode, gcov, pycoverage. The default behavior runs them all. | Optional
| `plugins` | Comma-separated list of plugins for use during upload. | Optional
| `report_code` | The code of the report. If unsure, do not include | Optional
| `root_dir` | Used to specify the location of your .git root to identify project root directory | Optional
| `slug` | Specify the slug manually (Enterprise use) | Optional
| `url` | Specify the base url to upload (Enterprise use) | Optional
| `use_legacy_upload_endpoint` | Use the legacy upload endpoint | Optional
| `verbose` | Specify whether the Codecov output should be verbose | Optional
| `version` | Specify which version of the Codecov CLI should be used. Defaults to `latest` | Optional
| `working-directory` | Directory in which to execute codecov.sh | Optional
| `token` | Repository Codecov token. Used to authorize report uploads | *Required
| `codecov_yml_path` | Specify the path to the Codecov YML | Optional
| `commit_parent` | Override to specify the parent commit SHA | Optional
| `directory` | Directory to search for coverage reports. | Optional
| `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the --file option. | Optional
| `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets) | Optional
| `dry_run` | Don't upload files to Codecov | Optional
| `env_vars` | Environment variables to tag the upload with (e.g. PYTHON \| OS,PYTHON) | Optional
| `exclude` | Folders to exclude from search | Optional
| `fail_ci_if_error` | Specify whether or not CI build should fail if Codecov runs into an error during upload | Optional
| `file` | Path to coverage file to upload | Optional
| `files` | Comma-separated list of files to upload | Optional
| `flags` | Flag upload to group coverage metrics (e.g. unittests \| integration \| ui,chrome) | Optional
| `handle_no_reports_found` | Raise no exceptions when no coverage reports found | Optional
| `job_code` | The job code | Optional
| `name` | User defined upload name. Visible in Codecov UI | Optional
| `os` | Override the assumed OS. Options are linux \| macos \| windows \| . | Optional
| `override_branch` | Specify the branch name | Optional
| `override_build` | Specify the build number | Optional
| `override_build_url` | The URL of the build where this is running | Optional
| `override_commit` | Specify the commit SHA | Optional
| `override_pr` | Specify the pull request number | Optional
| `plugin` | plugins to run. Options: xcode, gcov, pycoverage. The default behavior runs them all. | Optional
| `plugins` | Comma-separated list of plugins for use during upload. | Optional
| `report_code` | The code of the report. If unsure, do not include | Optional
| `root_dir` | Used to specify the location of your .git root to identify project root directory | Optional
| `slug` | Specify the slug manually (Enterprise use) | Optional
| `url` | Specify the base url to upload (Enterprise use) | Optional
| `use_legacy_upload_endpoint` | Use the legacy upload endpoint | Optional
| `use_oidc` | Use OpenID Connect for verification instead of token. This will ignore any token supplied. Please see [GitHub documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect) for details.
| `verbose` | Specify whether the Codecov output should be verbose | Optional
| `version` | Specify which version of the Codecov CLI should be used. Defaults to `latest` | Optional
| `working-directory` | Directory in which to execute codecov.sh | Optional
### Example `workflow.yml` with Codecov Action