Summary
Codecov coverage upload fails on Dependabot PRs because the branch is treated as protected and no CODECOV_TOKEN is provided.
Example
Failed run on dependabot/cargo/keccak-0.1.6
error - Commit creating failed: {"message":"Token required because branch is protected"}
Codecov: Failed to properly create commit
Cause
codecov/codecov-action@v4 requires a CODECOV_TOKEN for protected/non-default branches. Dependabot PRs run with a read-only GITHUB_TOKEN and don't have access to it. Combined with fail_ci_if_error: true, this blocks the entire CI job.
Options
- Add
CODECOV_TOKEN as a repository secret and pass it to the action
- Set
fail_ci_if_error: false so coverage upload failures don't block CI
- Both
Summary
Codecov coverage upload fails on Dependabot PRs because the branch is treated as protected and no
CODECOV_TOKENis provided.Example
Failed run on
dependabot/cargo/keccak-0.1.6Cause
codecov/codecov-action@v4requires aCODECOV_TOKENfor protected/non-default branches. Dependabot PRs run with a read-onlyGITHUB_TOKENand don't have access to it. Combined withfail_ci_if_error: true, this blocks the entire CI job.Options
CODECOV_TOKENas a repository secret and pass it to the actionfail_ci_if_error: falseso coverage upload failures don't block CI