Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin codecov action to v4.5.0 and update dependabot.yml to ignore v4.6.0 #222

Merged
merged 1 commit into from
Oct 4, 2024
Merged

Pin codecov action to v4.5.0 and update dependabot.yml to ignore v4.6.0 #222

merged 1 commit into from
Oct 4, 2024

Conversation

alisonlhart
Copy link
Contributor

@alisonlhart alisonlhart commented Oct 3, 2024
edited
Loading

Changes the codecov version in our tox workflow from v4 to v4.5.0, since v4.6.0 introduced a regression causing this error:

Error: Codecov: Failed to get OIDC token with url: https://codecov.io./ Error message: Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable

Updates dependabot.yml to skip version v4.6.0.
Adds dependabot.yml to the .ansible-lint exclude_paths list, since it's failing on the quotes surrounding the dependency_name and versions values.

Codecov issue: codecov/codecov-action#1594

@alisonlhart alisonlhart added the bug Something isn't working label Oct 3, 2024
@alisonlhart alisonlhart requested a review from a team as a code owner October 3, 2024 16:18
@alisonlhart alisonlhart requested review from audgirka and sshedmake and removed request for a team October 3, 2024 16:18
@alisonlhart alisonlhart requested review from ssbarnea, cidrblock and shatakshiiii and removed request for audgirka and sshedmake October 3, 2024 16:19
ssbarnea
ssbarnea previously requested changes Oct 4, 2024
View reviewed changes
Copy link
Member

@ssbarnea ssbarnea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also modify dependabot config to prevent it from picking v4.6.0 when running on action otherwise, you change will be undone by it.

See https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#ignore

I think that we can assume that next version will address the issue, just skip 4.6.0

@alisonlhart
Copy link
Contributor Author

@ssbarnea Added!

@alisonlhart alisonlhart changed the title Pin codecov version to 4.5.0 Pin codecov action to v4.5.0 and update dependabot.yml to ignore v4.6.0 Oct 4, 2024
@alisonlhart alisonlhart merged commit 4d47dff into ansible:main Oct 4, 2024
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shatakshiiii shatakshiiii shatakshiiii approved these changes

@cidrblock cidrblock Awaiting requested review from cidrblock

@ssbarnea ssbarnea Awaiting requested review from ssbarnea

@Qalthos Qalthos Awaiting requested review from Qalthos

Assignees
No one assigned
Labels
bug Something isn't working
Projects
🧰 devtools project board
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alisonlhart @ssbarnea @shatakshiiii