"Unable to locate build via Github Actions API" for the public repository #126
Comments
|
Getting the same several times today, but it is transient: https://github.com/jaegertracing/jaeger/actions/runs/3136909140/jobs/5094405179 |
|
@AlekSi @yurishkuro if you have installed the Codecov GitHub app, the only reason I can think of for getting that message is that the access token used is hitting a GitHub rate limit. Do you use any other GitHub apps or know why that might be? |
|
I don't think we're using the app, we use GH Actions here: https://github.com/jaegertracing/jaeger/blob/e877a61926a3f7bc1a5f5ba6b9fceb78bcb8b71d/.github/workflows/ci-unit-tests.yml#L26 |
|
@yurishkuro to be clear, those two things are not mutually exclusive. The app is used by Codecov to communicate with GitHub (e.g. check the codecov yaml, post the PR comment and status checks). The Action is used to upload coverage reports to Codecov. |
|
Yes, we do have Codecov app as well. But the errors are coming from GH Action. |
I guess you mean "are not". Yes, we do have that app installed. We also use a few other GitHub apps. Do they all use the same token (and what token is that)? |
|
I'm also getting this error in a public repository: |
|
I enabled verbose mode: https://github.com/FerretDB/FerretDB/actions/runs/3151343738/jobs/5125175424 |
|
I also have the same error during this run. |
|
Hi, |
|
Oh great, I just re-run my job and it worked too. |
|
I am wondering if the disruption with GitHub had anything to do with this uptick in this issue. If so, apologies, I know the error message could have been far better crafted. We are working on making it more actionable. As far as I know, this error message happens when we ping |
|
That accident was resolved 6 days ago, but we are seeing the same issue right now: https://github.com/FerretDB/FerretDB/actions/runs/3175008916/jobs/5172514896 |
|
Ok, I think I tracked down the underlying issue here. I've made a ticket for the product team |
|
I'll be tracking progress on this communty post |
|
In the short term if this is actively blocking you, I would suggest using the upload token 😬 |
|
We've got a public repo, the Codecov GH app installed, Example (succeeded on this occasion, but failed another time before I enabled verbose mode): https://github.com/cylc/cylc-flow/actions/runs/3196165816/jobs/5217734063#step:16:102 |
|
Secrets are not available for |
|
Github action So I try new version |
I'm observing a lot of: > Error: Codecov: Failed to properly upload: The process > '/Users/runner/work/_actions/codecov/codecov-action/v2/dist/codecov' > failed with exit code 255 Recently. Unfortunately, this seems to be a hard to reproduce bug, as it sometimes happens and sometimes not. Reading through some codecov issues: - https://github.com/codecov/codecov-action/issues/837 - codecov/codecov-action#598 updating their action to v3 was mentioned as a possible solution.
|
So the problem seems to be that, without the token, the upload is getting rate limited sometimes, and thus failing. And using the token in the action does not work for PRs from forks as @AlekSi has pointed out. (This is the case for v3 of the action) |
|
@adamjstewart I might be missing something but I don't see where you uploaded the commit ref for later downloading in your coverage action. The action seems to be getting it from the github event object still. |
|
@adamjstewart I see you are using The syntax should have been My workaround is to get this sha from the original PR as I described higher. |
|
Thanks for the link. I'm slowly rediscovering all the reasons you had to jump through so many hoops. I think I've managed to find a simpler way to download artifacts than what you're using, but it looks like all the rest of your JavaScript is still necessary. Need to decide if we're expected to implement all of this ourselves or start looking for codecov alternatives. Would love an official response from codecov as to how they expect people to use their action. |
@adamjstewart could you elaborate how GitHub API rate limits are in play here? Why does having a Codecov token make a difference w.r.t. GH rate limits? |
|
@adamjstewart - I'm a PM on the codecov team. I'll take a look at why you're having the issue you described here, what you're describing is not the intended set up experience here. I'll respond back here with an update as soon as I have one |
|
To clarify, the reason why a token-less only approach has been so problematic over the past few years has been due to GitHub's rate limiting. Tokenless generally works by making an API call to GitHub to confirm that the repo and commit are the correct values. Making this call for thousands of repositories causes our GitHub token to hit the limit causing the issues that many of you have seen (e.g. As a result, we needed to make decisions on how best to serve our users. This means that tokenless uploading is not currently sustainable until GitHub allows for higher rate limited APIs. The open source (OS) community is a major user and proponent of Codecov. A very common flow for them is to have outside contributors fork the repo, make changes, and open a PR to the upstream repository with that change. Unfortunately, GitHub does not have a way to share secrets with contributors. In order to provide support for these OS projects, we added a way for open source contributions to forks not require a token |
|
Hi all (@kdarkhan @adamjstewart @melink14), I'm moving the conversation over to this issue regarding |
|
To clarify for future readers, the reason it is related to this issue is that it explains how to securely use codecov for PRs from forks in public OS repos. There's no problem except that GitHub has some bugs and makes the process annoying for security reasons (as far as I know). I guess the other issue can be used to investigate simplifications to the process. |
|
I recently noticed an increased error rate regarding tokenless for PRs (we are using codecov action v4.1.0). Is there a solution recommended by the codecov team on how to solve that? |
|
@ST-DDT can you open a new issue about that? I'm going to close this one as the solution to the original is to add the token. |
Done: #301 |
The documentation is very confusing, but it seems to me that the new version supports tokenless uploads in a better way. It says everywhere that a token is really required, but then it also says that PRs from forks are an exception to that (but that is how it has been in the past anyway). So let's see if this helps. https://docs.codecov.com/docs/codecov-uploader#supporting-tokenless-uploads https://community.codecov.com/t/upload-issues-unable-to-locate-build-via-github-actions-api/3954/22 codecov/feedback#126 codecov/engineering-team#665 https://github.com/codecov/codecov-action
## 🎫 Ticket n/a ## 🛠 Changes removing codecov from CI, since sonarqube is doing the same thing and tokenless is hitting a github api limit. ## ℹ️ Context for reviewers [Link to discussion](codecov/feedback#126) on tokenless codecov generation and rate limiting. ## ✅ Acceptance Validation n/a ## 🔒 Security Implications - [ ] This PR adds a new software dependency or dependencies. - [ ] This PR modifies or invalidates one or more of our security controls. - [ ] This PR stores or transmits data that was not stored or transmitted before. - [ ] This PR requires additional review of its security implications for other reasons. If any security implications apply, add Jason Ashbaugh (GitHub username: StewGoin) as a reviewer and do not merge this PR without his approval.
Not necessary for public repos but decreases chance of upload failures due to GitHub rate limiting. <codecov/feedback#126>
and others
Seems to be the same as closed codecov/codecov-action#557.
Similar to codecov/codecov-action#803 and codecov/codecov-action#598.
Here was a request to create a new issue in that case, so here it is.
https://github.com/FerretDB/FerretDB/actions/runs/3130125909/jobs/5080024795
The text was updated successfully, but these errors were encountered: