Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update all GitHub actions dependencies #153

Merged
merged 3 commits into from
Aug 31, 2024
Merged

Update all GitHub actions dependencies #153

merged 3 commits into from
Aug 31, 2024

Conversation

Abestanis
Copy link
Collaborator

This updates our CI dependencies. I read through the change logs and made sure that there are no breaking changes for us.

There is one exception:

codecov/codecov-action@v4 removes tokenless uploads of coverage information. This means that we need to make sure that we have configured our Codecov token in the GitHub repository settings as described in the documentation. I don't have access to these settings so only you can do that.

Hopefully the update will fix the Codecov upload failures we've seen on recent CI runs like here.

@Abestanis Abestanis requested a review from nt4f04uNd August 31, 2024 13:47
@Abestanis
Copy link
Collaborator Author

As a side note, we might want to set up dependabot to keep these up to date in the future.

@Abestanis
Copy link
Collaborator Author

It looks like the Codecov update did indeed help. The coverage change probably comes from an earlier merge request that failed to upload its coverage information.

Coverage from this PR

@nt4f04uNd
Copy link
Owner

It looks like the Codecov update did indeed help. The coverage change probably comes from an earlier merge request that failed to upload its coverage information.

Coverage from this PR

FYI I didn't configure anything beforehand.
I only added the token now.

Should we test somehow that it works?

@nt4f04uNd
Copy link
Owner

Ahh, we should use this now. I think you should update the YAML files with this

image

@nt4f04uNd
Copy link
Owner

FYI secrets must be passed explicitly to actions

You can see an example here https://github.com/nt4f04uNd/sweyer/blob/master/.github/workflows/deploy_google_play/action.yml#L30

@Abestanis
Copy link
Collaborator Author

FYI secrets must be passed explicitly to actions

Ups, I totally missed that part, thanks for double checking.

FYI I didn't configure anything beforehand.

Yeah, the main repository now requires a token, but forks can continue to use tokenless upload (From the codecov actions README):

Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token).

Should we test somehow that it works?

I think we can just merge and verify that the CI on the merge commit works, and iterate on it in a follow up PR if anything breaks.

@Abestanis
Copy link
Collaborator Author

Abestanis commented Aug 31, 2024
edited
Loading

FYI secrets must be passed explicitly to actions

Ah, you are saying the files included with use don't have access to secrets? That makes sense. Luckily all calls to Codeconv are in the main workflow files, which should have access to the secret.

@nt4f04uNd
Copy link
Owner

As a side note, we might want to set up dependabot to keep these up to date in the future.

Can you open an issue?

@Abestanis
Copy link
Collaborator Author

Can you open an issue?

Done: #155

@Abestanis Abestanis merged commit d64c763 into nt4f04uNd:master Aug 31, 2024
2 checks passed
@Abestanis Abestanis deleted the update/ci branch August 31, 2024 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nt4f04uNd nt4f04uNd nt4f04uNd approved these changes

Assignees
No one assigned
Labels
tech-debt
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Abestanis @nt4f04uNd