Inconsistent - Token required because branch is protected

[AndreKurait]

On a public repo, i'm getting inconsistent results with codecov-v4

e.g. opensearch-project/opensearch-migrations#1016

First Run - Successful

Run codecov/codecov-action@v4
evenName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:FixSetHeaderExtraArgs
==> Fork detected, tokenless uploading used
evenName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:FixSetHeaderExtraArgs
==> Fork detected, tokenless uploading used
evenName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:FixSetHeaderExtraArgs
==> Fork detected, tokenless uploading used
==> linux OS detected
https://cli.codecov.io/latest/linux/codecov.SHA256SUM
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: Signature made Fri Aug [16](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:17) 23:23:14 2024 UTC
gpg:                using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C  62FF 806B B28A ED77 9869
==> Uploader SHASUM verified (eb90[20](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:21)09cb800fdefbce291c1357953f80e29382f43c7a98cce3b57d2b4d8cec  codecov)
==> Running version latest
==> Running version v0.7.4
==> Running git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
/usr/bin/git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit --git-service github -C cea160a44ad1038bdd62054da250f1655206d1b8 -Z
info - 2024-09-25 [21](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:22):23:42,715 -- ci service found: github-actions
info - 2024-09-25 21:[23](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:24):42,723 -- The PR is happening in a forked repo. Using tokenless upload.
info - 20[24](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:25)-09-25 21:23:43,132 -- Process Commit creating complete
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report --git-service github -C cea160a44ad1038bdd62054da[25](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:26)0f1655206d1b8 -Z
info - 2024-09-25 21:23:43,847 -- ci service found: github-actions
info - 2024-09-25 21:23:44,[28](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:29)6 -- Process Report creating complete
info - 2024-09-25 21:23:44,286 -- Finished creating report successfully --- {"response": "{\"status\":\"queued\"}\n"}
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov do-upload'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov do-upload -Z -f ./coverage.xml --git-service github -C cea160a44ad1038bdd62054da250f1655206d1b8
info - 2024-09-25 21:23:45,002 -- ci service found: github-actions
warning - 2024-09-25 21:23:45,010 -- xcrun is not installed or can't be found.
warning - 2024-09-25 21:23:45,0[32](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:33) -- No gcov data found.
warning - 2024-09-25 21:23:45,032 -- coverage.py is not installed or can't be found.
warning - 2024-09-25 21:23:45,059 -- Some files were not found --- {"not_found_files": ["coverage.xml"]}
info - 2024-09-25 21:23:45,092 -- Found 1 coverage files to report
info - 2024-09-25 21:23:45,092 -- > /home/runner/work/opensearch-migrations/opensearch-migrations/TrafficCapture/dockerSolution/src/main/docker/migrationConsole/console_api/coverage.xml
info - 2024-09-25 21:23:45,684 -- Your upload is now processing. When finished, results will be available at: https://app.codecov.io/github/opensearch-project/opensearch-migrations/commit/cea160a44ad10[38](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:39)bdd62054da250f1655206d1b8
info - 2024-09-25 21:23:45,975 -- Process Upload complete

Subsequent Run - Failure

Run codecov/codecov-action@v4
evenName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:FixSetHeaderExtraArgs
==> Fork detected, tokenless uploading used
evenName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:FixSetHeaderExtraArgs
==> Fork detected, tokenless uploading used
evenName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:FixSetHeaderExtraArgs
==> Fork detected, tokenless uploading used
==> linux OS detected
https://cli.codecov.io/latest/linux/codecov.SHA256SUM
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: Signature made Fri Aug [16](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:17) 23:23:14 2024 UTC
gpg:                using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C  62FF 806B B28A ED77 9869
==> Uploader SHASUM verified (eb902009cb800fdefbce291c1357953f80e29382f43c7a98cce3b57d2b4d8cec  codecov)
==> Running version latest
==> Running version v0.7.4
==> Running git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
/usr/bin/git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit --git-service github -C cb162006e653a[17](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:18)23ec910d17de13b0ea8525550 -Z
info - 2024-09-26 18:44:15,790 -- ci service found: github-actions
info - 2024-09-26 [18](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:19):44:15,798 -- The PR is happening in a forked repo. Using tokenless upload.
info - [20](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:21)24-09-26 18:44:16,057 -- Process Commit creating complete
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report --git-service github -C cb162006e653a17[23](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:24)ec910d17de13b0ea8525550 -Z
info - 2024-09-26 18:44:16,771 -- ci service found: github-actions
info - 20[24](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:25)-09-26 18:44:17,038 -- Process Report creating complete
error - 2024-09-[26](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11058330515/job/30724095698?pr=1016#step:5:27) 18:44:17,039 -- Report creating failed: {"message":"Token required because branch is protected"}
Error: Codecov:
                        Failed to properly create report: The process '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov' failed with exit code 1
0s

[AndreKurait]

Workaround is to close the PR and make a new one e.g. opensearch-project/opensearch-migrations#1019

[G-Rath]

I'm getting this quite a lot suddenly on https://github.com/google/osv-scanner - this only started happening in the last couple of weeks and afaik there have not been any changes to the branch protection rules (@another-rex could you confirm this?)

Some action examples:

• https://github.com/google/osv-scanner/actions/runs/11242963038/job/31257867463?pr=1307
• https://github.com/google/osv-scanner/actions/runs/11241493282/job/31253241725?pr=1289

[greg0ire]

@thomasrockhu can you please look into this one? 🙏

[greg0ire]

@thomasrockhu-codecov seems to be a better handle to ping :)

[thomasrockhu-codecov]

@greg0ire @AndreKurait noting that I see this. Am asking the team what the expected behavior is but from what I can tell, we have always had protected branches require a token.

@AndreKurait have you seen this come up again or was it that one time?

[thomasrockhu-codecov]

@G-Rath please let me know if there was a change in branch protection rules

[G-Rath]

@thomasrockhu-codecov I don't know as I'm not the owner of the repository, but I've not seen this failure for a few weeks so I assume it's just been fixed 🤷

[greg0ire]

@thomasrockhu-codecov I no longer see the _error message on my repository, but I still have an issue: the upload is never processed. I will file a separate bug report.

[greg0ire]

Here it is: #1633

[thomasrockhu-codecov]

Going to close this one out for now, @greg0ire I'll take a look at that issue

[AndreKurait]

@thomasrockhu-codecov I just hit this again, can we reopen this?

I only ever get it after pushing multiple commits after creating a PR.

It appears to be a bug in detecting the fork ==> Fork detected, tokenless uploading used, whereas the PR and action is on a public repo.

https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120

Run codecov/codecov-action@v4
  with:
    files: ./coverage.xml
    flags: python-test
    fail_ci_if_error: true
  env:
    python-version: 3.11
    java-version: 11
    gradle-version: 8.0.[2](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:2)
    node-version: 18.x
    pythonLocation: /opt/hostedtoolcache/Python/[3](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:3).11.10/x64
    PKG_CONFIG_PATH: /opt/hostedtoolcache/Python/3.11.10/x6[4](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:4)/lib/pkgconfig
    Python_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.10/x64
    Python2_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.10/x64
    Python3_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.10/x64
    LD_LIBRARY_PATH: /opt/hostedtoolcache/Python/3.11.10/x64/lib
eventName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:ClusterTools
==> Fork detected, tokenless uploading used
==> linux OS detected
https://cli.codecov.io/latest/linux/codecov.SHA2[5](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:5)6SUM
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 80[6](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:6)BB28AED[7](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:7)79869: public key "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: Signature made Fri Oct 1[8](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:8) 16:02:53 2024 UTC
gpg:                using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED77[9](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:9)869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C  62FF 806B B28A ED77 9869
==> Uploader SHASUM verified (452ad3c57dc4ff698e9ca36786a2d09be5db254c32c4a4fb6d08c18146e4d8c1  codecov)
==> Running version latest
==> Running version v0.8.0
==> Running git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
/usr/bin/git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit --git-service github -B AndreKurait:ClusterTools -C 0a777ce0e5265921a8b2a4f682300[10](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:10)5f085a2ad -Z
info - 2024-[11](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:11)-07 15:44:12,801 -- ci service found: github-actions
info - 2024-11-07 15:44:[12](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:12),811 -- The PR is happening in a forked repo. Using tokenless upload.
info - 2024-11-07 15:44:[13](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:13),304 -- Process Commit creating complete
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report --git-service github -C 0a777ce0e5265921a8b2a4f682300105f085a2ad -Z
info - 2024-11-07 15:44:[14](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:14),021 -- ci service found: github-actions
info - 2024-11-07 [15](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664937244?pr=1120#step:5:15):44:14,451 -- Process Report creating complete
error - 2024-11-07 15:44:14,451 -- Report creating failed: {"message":"Token required because branch is protected"}
Error: Codecov:
                        Failed to properly create report: The process '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov' failed with exit code 1

[AndreKurait]

It's inconsistent because another action on the same commit passed

0s
1m 18s
5s
Run codecov/codecov-action@v4
eventName: pull_request
baseRef: opensearch-project:main | headRef: AndreKurait:ClusterTools
==> Fork detected, tokenless uploading used
==> linux OS detected
https://cli.codecov.io/latest/linux/codecov.SHA256SUM
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" imported
gpg: Total number processed: [1](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:1)
gpg:               imported: 1
gpg: Signature made Fri Oct [18](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:19) 16:02:53 2024 UTC
gpg:                using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C  62FF 806B B28A ED77 9869
==> Uploader SHASUM verified (452ad3c57dc4ff698e9ca36786a2d09be5db254c32c4a4fb6d08c18146e4d8c1  codecov)
==> Running version latest
==> Running version v0.8.0
==> Running git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
/usr/bin/git config --global --add safe.directory /home/runner/work/opensearch-migrations/opensearch-migrations
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-commit --git-service github -B AndreKurait:ClusterTools -C 0a777ce0e5265921a8b2a4f682300105f085a2ad -Z
info - 2024-11-07 15:45:03,116 -- ci service found: github-actions
info - 2024-11-07 15:45:03,126 -- The PR is happening in a forked repo. Using tokenless upload.
info - 2024-11-07 15:45:03,626 -- Process Commit creating complete
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov create-report --git-service github -C 0a777ce0e5265921a8b2a4f682300105f085a2ad -Z
info - 2024-11-07 15:45:04,340 -- ci service found: github-actions
info - 2024-11-07 15:45:05,[19](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:20)3 -- Process Report creating complete
info - [20](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:21)24-11-07 15:45:05,194 -- Finished creating report successfully --- {"response": "{\"status\":\"queued\"}\n"}
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov do-upload'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov do-upload -Z -f ./coverage.xml -F python-test --git-service github -C 0a777ce0e52659[21](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:22)a8b2a4f682300105f085a2ad
info - 2024-11-07 15:45:05,908 -- ci service found: github-actions
warning - 2024-11-07 15:45:05,919 -- xcrun is not installed or can't be found.
warning - 2024-11-07 15:45:05,944 -- No gcov data found.
warning - 2024-11-07 15:45:05,944 -- coverage.py is not installed or can't be found.
warning - 2024-11-07 15:45:05,976 -- Some files were not found --- {"not_found_files": ["coverage.xml"]}
info - 2024-11-07 15:45:06,016 -- Found 1 coverage files to report
info - 2024-11-07 15:45:06,016 -- > /home/runner/work/opensearch-migrations/opensearch-migrations/TrafficCapture/dockerSolution/src/main/docker/migrationConsole/cluster_tools/coverage.xml
info - 2024-11-07 15:45:06,568 -- Your upload is now processing. When finished, results will be available at: https://app.codecov.io/github/opensearch-project/opensearch-migrations/commit/0a777ce0e5265921a8b2a4f68[23](https://github.com/opensearch-project/opensearch-migrations/actions/runs/11726398842/job/32664938292?pr=1120#step:5:24)00105f085a2ad
info - 2024-11-07 15:45:06,750 -- Process Upload complete

[thomasrockhu-codecov]

@AndreKurait got it, taking a look

[bobleesj]

@thomasrockhu-codecov Not sure if would help but wanted to share that we are seeing this issue too. No branch projection has been added.

The first commit passes diffpy/diffpy.utils@87a5b6d, but when a new commit (diffpy/diffpy.utils@f45ba82) is added, it starts to fail with the message.

[thomasrockhu-codecov]

This one is really strange, I'm syncing with the product team to try to understand why this is happening.

That said, we are planning to release action@v5 in the next 2 weeks (likely next week) which SHOULD fix this issue too.

[thomasrockhu-codecov]

Leaving a tasklist of some issues/PRs that will mitigate/fix the issue

• feat: Create coverage single upload endpoint codecov-api#962 (combine the 3 endpoints as a single endpoint to prevent race conditions)
• Upload-process uses combined-upload endpoint codecov-cli#551 (expose the endpoint to users)

[thomasrockhu-codecov]

@bobleesj @AndreKurait we pushed a different change from the tasklist above that I think will solve a race condition we were having. Can you see if this issue is still happening?

[bobleesj]

@thomasrockhu-codecov Thanks! Yup will do.

[thomasrockhu-codecov]

@AndreKurait everything ok? I got a message in my email and just wanted to double-check

[AndreKurait]

We had some failures tonight with a new error message.

debug - 2024-11-13 03:02:19,983 -- Report creating result --- {"result": "RequestResult(error=RequestError(code='HTTP Error 400', params={}, description='[{\"input\":{\"branch\":\"AndreKurait:DisableCodeCovAsRequired\",\"commit_id\":\"6c43932a06a2d9bb5e3ca9b269a28738749ca981\",\"repo_id\":15896619,\"repo_name\":\"opensearch-migrations\"},\"loc\":[\"id\"],\"msg\":\"Field required\",\"type\":\"missing\",\"url\":\"[https://errors.pydantic.dev/2.4/v/missing\](https://errors.pydantic.dev/2.4/v/missing/)"}]\\n'), warnings=[], status_code=400, text='[{\"input\":{\"branch\":\"AndreKurait:DisableCodeCovAsRequired\",\"commit_id\":\"6c43932a06a2d9bb5e3ca9b269a28738749ca981\",\"repo_id\":15896619,\"repo_name\":\"opensearch-migrations\"},\"loc\":[\"id\"],\"msg\":\"Field required\",\"type\":\"missing\",\"url\":\"[https://errors.pydantic.dev/2.4/v/missing\](https://errors.pydantic.dev/2.4/v/missing/)"}]\\n')"}
error - 2024-11-13 03:02:19,983 -- Report creating failed: [{"input":{"branch":"AndreKurait:DisableCodeCovAsRequired","commit_id":"6c43932a06a2d9bb5e3ca9b269a28738749ca981","repo_id":15896619,"repo_name":"opensearch-migrations"},"loc":["id"],"msg":"Field required","type":"missing","url":"https://errors.pydantic.dev/2.4/v/missing"}]

Made some PRs which passed, and some failed.

I have a suspicion there's some throttling limits involved, so i set up some actions to retry 20 times, and observed this error message occur consistently.

I looked into our use of tokens, and saw we were triggering our action on pull_request which doesn't have access to secrets, and thus wouldn't have access to the codecov token. I'm switching it to pull_request_target which looks promising in initial testing.

[thomasrockhu-codecov]

@AndreKurait do you have CI link to think? I can take a look

found it

[thomasrockhu-codecov]

@AndreKurait we pushed a fix for this earlier today, can you try again?

[bobleesj]

@thomasrockhu-codecov just wanted to share we've had no issues so far, around 3-4 PRs across 2-3 repos since then.

[thomasrockhu-codecov]

@pellared got it! I think I figured out the root cause, I hope to get a fix in by tomorrow (#1650)

[KATT]

This is still broken for me

• Bad run (just now - 08:26 CET): https://github.com/trpc/trpc/actions/runs/11847693705/job/33029531823?pr=6238
• Good run (last week): https://github.com/trpc/trpc/actions/runs/11716105350/job/32633603827?pr=6194

Full output

     _____          _
    / ____|        | |
   | |     ___   __| | ___  ___ _____   __
   | |    / _ \ / _` |/ _ \/ __/ _ \ \ / /
   | |___| (_) | (_| |  __/ (_| (_) \ V /
    \_____\___/ \__,_|\___|\___\___/ \_/
                            Wrapper-0.0.23
                                  
==> Detected linux
 -> Downloading https://cli.codecov.io/latest/linux/codecov
==> Finishing downloading linux:latest
      Version: v9.0.4
 
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED77[98](https://github.com/trpc/trpc/actions/runs/11847693705/job/33029531823?pr=6238#step:6:102)69: public key "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
==> Verifying GPG signature integrity
 -> Downloading https://cli.codecov.io/latest/linux/codecov.SHA256SUM
 -> Downloading https://cli.codecov.io/latest/linux/codecov.SHA256SUM.sig
 
gpg: Signature made Fri Nov 15 07:18:35 2024 UTC
gpg:                using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C  62FF 806B B28A ED77 9869
codecov: OK
==> CLI integrity verified
 -> Token of length 0 detected
==> Running create-commit
      ./codecov  create-commit --fail-on-error --git-service github
info - 2024-11-15 07:27:55,483 -- ci service found: github-actions
info - 2024-11-15 07:27:55,789 -- Process Commit creating complete
error - 2024-11-15 07:27:55,790 -- Commit creating failed: {"message":"Token required because branch is protected"}
==> Failed to create-commit
    Exiting...
Error: Process completed with exit code 1.