Description
We are setting codecov bots for a GitHub organization: Open Cybersecurity Alliance · GitHub
And we would like to get some advice about team bot vs github app.
After reading the team bot instructions, it looks like we can either do team bot or github app. I understand the difference to be:
- github app is easy, but requires setup for each repo in the org.
- if we setup team bot with a dedicated bot account (github account), this will apply to all repos in the org, so we do not need to setup codecov again when a new repo is created.
My first question is whether my understand above is correct (whether this is the only difference). I encountered some rate limit issues before the team bot is setup, and I guess the set up of the team bot will resolve the issue, and there is no difference between the two regarding rate limit. Please correct me if my understanding is incorrect.
Now we create a new github user for the dedicated bot, grant access to our org, login the user, and setup the Global YAML section of the org under the user’s account:
codecov:
bot: oca-codecov-bot
Then I created a PR in one of the repo under the org: codecov bot test by subbyte · Pull Request #222 · opencybersecurityalliance/kestrel-lang · GitHub
Good news is we get a codecov comment. However, the user of the comment is codecov-commenter, not oca-codecov-bot.
My second question is: is the commenting user correct? Or does this mean we setup the team bot successfully?
CI/CD URL
Codecov Output
Run codecov/codecov-action@v3
==> linux OS detected
https://uploader.codecov.io/latest/linux/codecov.SHA256SUM
==> SHASUM file signed by key id 806bb28aed779869
==> Uploader SHASUM verified (cae21e490c24b05c3802c7001a1540a7f83d46cb4f1eadf14e76627094c65cb8 codecov)
==> Running version latest
==> Running version v0.2.0
/home/runner/work/_actions/codecov/codecov-action/v3/dist/codecov -n -Q github-action-3.1.0 -Z -C 30a4eb0ac4362ba25e7d02d3fb41e3e1a616862d -v
[2022-05-02T15:07:38.635Z] ['verbose'] Start of uploader: 1651504058635...
[2022-05-02T15:07:38.638Z] ['info']
_____ _
/ ____| | |
| | ___ __| | ___ ___ _____ __
| | / _ \ / _` |/ _ \/ __/ _ \ \ / /
| |___| (_) | (_| | __/ (_| (_) \ V /
\_____\___/ \__,_|\___|\___\___/ \_/
Codecov report uploader 0.2.0
[2022-05-02T15:07:38.645Z] ['info'] => Project root located at: /home/runner/work/kestrel-lang/kestrel-lang
[2022-05-02T15:07:38.647Z] ['info'] -> No token specified or token is empty
[2022-05-02T15:07:38.647Z] ['verbose'] Start of network processing...
[2022-05-02T15:07:38.647Z] ['verbose'] Searching for files in /home/runner/work/kestrel-lang/kestrel-lang
[2022-05-02T15:07:38.755Z] ['info'] Running coverage xml...
[2022-05-02T15:07:39.133Z] ['info'] Searching for coverage files...
[2022-05-02T15:07:39.198Z] ['info'] Warning: Some files located via search were excluded from upload.
[2022-05-02T15:07:39.199Z] ['info'] If Codecov did not locate your files, please review https://docs.codecov.com/docs/supported-report-formats
[2022-05-02T15:07:39.199Z] ['verbose'] Preparing to clean the following coverage paths: coverage.xml
[2022-05-02T15:07:39.199Z] ['info'] => Found 1 possible coverage files:
coverage.xml
[2022-05-02T15:07:39.199Z] ['verbose'] End of network processing
[2022-05-02T15:07:39.200Z] ['info'] Processing /home/runner/work/kestrel-lang/kestrel-lang/coverage.xml...
[2022-05-02T15:07:39.204Z] ['info'] Detected GitHub Actions as the CI provider.
[2022-05-02T15:07:39.204Z] ['verbose'] -> Using the following env variables:
[2022-05-02T15:07:39.204Z] ['verbose'] GITHUB_ACTION: __codecov_codecov-action
[2022-05-02T15:07:39.205Z] ['verbose'] GITHUB_HEAD_REF: hotfix-codecov-bot-test
[2022-05-02T15:07:39.205Z] ['verbose'] GITHUB_REF: refs/pull/222/merge
[2022-05-02T15:07:39.205Z] ['verbose'] GITHUB_REPOSITORY: opencybersecurityalliance/kestrel-lang
[2022-05-02T15:07:39.205Z] ['verbose'] GITHUB_RUN_ID: 2258690224
[2022-05-02T15:07:39.205Z] ['verbose'] GITHUB_SERVER_URL: https://github.com
[2022-05-02T15:07:39.205Z] ['verbose'] GITHUB_SHA: 4ae26412cb5df683526f701bbac53bb0e36d0250
[2022-05-02T15:07:39.205Z] ['verbose'] GITHUB_WORKFLOW: Unit testing on PR
[2022-05-02T15:07:39.205Z] ['verbose'] Using the following upload parameters:
[2022-05-02T15:07:39.206Z] ['verbose'] branch
[2022-05-02T15:07:39.206Z] ['verbose'] build
[2022-05-02T15:07:39.206Z] ['verbose'] buildURL
[2022-05-02T15:07:39.206Z] ['verbose'] commit
[2022-05-02T15:07:39.206Z] ['verbose'] job
[2022-05-02T15:07:39.206Z] ['verbose'] pr
[2022-05-02T15:07:39.206Z] ['verbose'] service
[2022-05-02T15:07:39.207Z] ['verbose'] slug
[2022-05-02T15:07:39.207Z] ['verbose'] name
[2022-05-02T15:07:39.207Z] ['verbose'] tag
[2022-05-02T15:07:39.207Z] ['verbose'] flags
[2022-05-02T15:07:39.207Z] ['verbose'] parent
[2022-05-02T15:07:39.208Z] ['info'] Pinging Codecov: https://codecov.io/upload/v4?package=github-action-3.1.0-uploader-0.2.0&token=*******&branch=hotfix-codecov-bot-test&build=2258690224&build_url=https%3A%2F%2Fgithub.com%2Fopencybersecurityalliance%2Fkestrel-lang%2Factions%2Fruns%2F2258690224&commit=30a4eb0ac4362ba25e7d02d3fb41e3e1a616862d&job=Unit+testing+on+PR&pr=222&service=github-actions&slug=opencybersecurityalliance%2Fkestrel-lang&name=&tag=&flags=&parent=
[2022-05-02T15:07:39.208Z] ['verbose'] Passed token was 0 characters long
[2022-05-02T15:07:39.208Z] ['verbose'] https://codecov.io/upload/v4?package=github-action-3.1.0-uploader-0.2.0&branch=hotfix-codecov-bot-test&build=2258690224&build_url=https%3A%2F%2Fgithub.com%2Fopencybersecurityalliance%2Fkestrel-lang%2Factions%2Fruns%2F2258690224&commit=30a4eb0ac4362ba25e7d02d3fb41e3e1a616862d&job=Unit+testing+on+PR&pr=222&service=github-actions&slug=opencybersecurityalliance%2Fkestrel-lang&name=&tag=&flags=&parent=
Content-Type: 'text/plain'
Content-Encoding: 'gzip'
X-Reduced-Redundancy: 'false'
[2022-05-02T15:07:39.657Z] ['info'] https://codecov.io/github/opencybersecurityalliance/kestrel-lang/commit/30a4eb0ac4362ba25e7d02d3fb41e3e1a616862d
https://storage.googleapis.com/codecov/v4/raw/2022-05-02/360D9E44D37ACDA426D54A8244C9E638/30a4eb0ac4362ba25e7d02d3fb41e3e1a616862d/72723f35-bda8-4d8e-8980-647fcaaa5c44.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=GOOG1EKKHVKCKHW7KBCGM7IHR55T63V2PAVJWLVFNITJHDU5G6R5IRN3LMWJA%2F20220502%2FUS%2Fs3%2Faws4_request&X-Amz-Date=20220502T150739Z&X-Amz-Expires=10&X-Amz-SignedHeaders=host&X-Amz-Signature=1e7e5032238f3c41fb742039841247136bd4c6d5a596db65826e35aec9b5f93e
[2022-05-02T15:07:39.658Z] ['verbose'] Returned upload url: https://storage.googleapis.com/codecov/v4/raw/2022-05-02/360D9E44D37ACDA426D54A8244C9E638/30a4eb0ac4362ba25e7d02d3fb41e3e1a616862d/72723f35-bda8-4d8e-8980-647fcaaa5c44.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=GOOG1EKKHVKCKHW7KBCGM7IHR55T63V2PAVJWLVFNITJHDU5G6R5IRN3LMWJA%2F20220502%2FUS%2Fs3%2Faws4_request&X-Amz-Date=20220502T150739Z&X-Amz-Expires=10&X-Amz-SignedHeaders=host&X-Amz-Signature=1e7e5032238f3c41fb742039841247136bd4c6d5a596db65826e35aec9b5f93e
[2022-05-02T15:07:39.658Z] ['info'] Uploading...
[2022-05-02T15:07:39.881Z] ['info'] {"status":"success","resultURL":"https://codecov.io/github/opencybersecurityalliance/kestrel-lang/commit/30a4eb0ac4362ba25e7d02d3fb41e3e1a616862d"}
[2022-05-02T15:07:39.881Z] ['verbose'] End of uploader: 1246 milliseconds
Expected Results
The commenting user may be oca-codecov-bot, not codecov-commenter in the PR page, I guess.