[v4] `Error: Codecov token not found` in a PR from a fork to a pubilc repo

[jishnub]

My understanding was that a token would not be required when creating a PR from a fork to a public, open-source project. However, in the run https://github.com/JuliaMath/FFTW.jl/actions/runs/7854977161/job/21436255573?pr=295, I encounter

Run codecov/codecov-action@v4
  with:
    fail_ci_if_error: true
    file: lcov.info
  env:
    JULIA_NUM_THREADS: 2
    JULIA_PKG_SERVER_REGISTRY_PREFERENCE: eager
==> windows OS detected
https://cli.codecov.io/latest/windows/codecov.exe.SHA256SUM
==> Running version latest
==> Running version v0.4.6
==> Running command 'D:\a\_actions\codecov\codecov-action\v4\dist\codecov.exe create-commit'
D:\a\_actions\codecov\codecov-action\v4\dist\codecov.exe create-commit -C 798f370e7c6e3cf60fbf6866b3a1b9d36e4db012 -Z
gpg: directory '/c/Users/runneradmin/.gnupg' created
gpg: keybox '/c/Users/runneradmin/.gnupg/pubring.kbx' created
gpg: /c/Users/runneradmin/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <security@codecov.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

info - 2024-02-10 12:50:54,352 -- ci service found: github-actions
gpg: Signature made Fri Feb  2 14:15:51 2024 CUT
gpg:                using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <security@codecov.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C  62FF 806B B28A ED77 9869

==> Uploader SHASUM verified (64a905e31c4ab88dd999052685656280bc68dafc6bbaaed941a68e6d6a00f24c  codecov.exe)
warning - 2024-02-10 12:50:54,410 -- No config file could be found. Ignoring config.
Error: Codecov token not found. Please provide Codecov token with -t flag.
Error: Codecov: Failed to properly create commit: The process 'D:\a\_actions\codecov\codecov-action\v4\dist\codecov.exe' failed with exit code 1

Other runs in the matrix do succeed without a token, e.g. https://github.com/JuliaMath/FFTW.jl/actions/runs/7854977161/job/21436254781?pr=295, as is expected.

[rohan-at-sentry]

@jishnub thanks for reaching out. We can take a look

[rohan-at-sentry]

@jishnub are you able to request the failing run to be re-run just to confirm?

We suspect that at the time the action ran, we hit Github rate limits which caused our check (to verify if the source was a fork) to fail

[clemenscodes]

Getting the same error on a public repo as well when using v4, using v3 works fine.

[JoseLion]

I'm getting the same issue when using the workflow with workflow_call: from another workflow in the same repo. Public repo as well, and I do have the token: ${{ secrets.CODECOV_TOKEN }} argument set.

I noticed that when the workflow is triggered by push: or pull_request:, the token argument is present:

But when the workflow is triggered by workflow_call: from another workflow, the token argument is missing:

[rohan-at-sentry]

@clemenscodes can you point me to the run where this happened?

[clemenscodes]

@rohan-at-sentry this the run in which it happened: https://github.com/clemenscodes/draken/actions/runs/7890558172/job/21532976187

[jishnub]

@jishnub are you able to request the failing run to be re-run just to confirm?

I can confirm re-running the job does not lead to the issue, so it could certainly be a rate limit. It's just a bit puzzling when jobs fail at random. Perhaps the error message may be improved?

[rohan-at-sentry]

Thanks @jishnub - yeah we're working on fixing the error messaging around rate limits (not just on the CLI, but all other user facing touchpoints - PR, UI etc)

[rohan-at-sentry]

@JoseLion @clemenscodes if you can open a different issue, while I take a look that would be appreciated. This will help me track better. FWIW @clemenscodes - my understanding is that it looks to be separate from this issue (which is about forks).

Closing this as the original issue is resolved

[georgebv]

Getting the same error in my own public repo when running v4 triggered by a release event on main branch. You can see verbose logs here: https://github.com/georgebv/drf-pydantic/actions/runs/7896620245/job/21550933382

As you can see, re-running (once) didn't help.

Rolling back to v3 solved this.

[terabytesoftw]

The error persists, we had to downgrade to v3.