Comments (19)
This has been added. Be aware that, when using AppVeyor, pull requests do not decrypt secure environment variables. If COVERALLS_REPO_TOKEN is set as a configured environment variable (either in yml or in UI) and it's encrypted, calls to coveralls won't work.
from coveralls.net.
Right... How to solve this? Any idea?
from coveralls.net.
- Don't use yml for configuration and stick strictly to AppVeyor's UI for setting up your builds. Set the environment variable with your token unencrypted.
- Ask AppVeyor to change how this works.
- Use a different CI service.
I'm planning to personally research other available CI options for my own personal use as well as to provide support for this project across more platforms.
from coveralls.net.
I've checked coveralls.net
utility and I think it would be pretty easy to add "native" support for it into AppVeyor. We could have like a new coveralls
section in appveyor.yml
. This way it will work in both regular and PR builds (adding another deployment provider won't work as deployment is also disabled for PR builds).
from coveralls.net.
Works for me. Let me know if there's anything I can do to help with this.
from coveralls.net.
Cool, thanks!
from coveralls.net.
@FeodorFitsner That would be awesome!
from coveralls.net.
So, having just recently set up Coveralls for a small project that I am working on, I was curious about this ability to comment on GitHub. Are we saying that I can't use an environment variable to do this work? If so, can I use settings both from the UI and from my YAML? What is the state of this from an AppVeyor point of view @FeodorFitsner ?
Thanks!
from coveralls.net.
So, we agreed on adding built-in support for coveralls, but I can't give you an ETA yet.
Yes, you can define vars on both UI and in YAML.
from coveralls.net.
So, in theory, assuming that I add the Coveralls token to the AppVeyor UI, I should currently get commenting on Pull Requests when using this application to publish to coveralls. Is that right? /cc @jdeering
from coveralls.net.
Yes, unless it's unencrypted it will be merged into vars defined in yml and available in PR build. But again, anyone with bad intentions could steal it by submitting PR listing all environment variables.
from coveralls.net.
@FeodorFitsner said...
anyone with bad intentions could steal it by submitting PR listing all environment variables.
Yip, valid point. :+1+ Right now, it is not an essential addition for me, only just got Coveralls and Coverity set up on my small project, and was curious when I saw this feature within Coveralls.
from coveralls.net.
from coveralls.net.
@FeodorFitsner any updates on this -- on figuring out a secure way to make this work for PR's?
from coveralls.net.
Actually, there is a new option Enable secure variables in Pull Requests from the same repository only
(on General tab of AppVeyor project settings) that is available for both public and private projects and may work for this case.
from coveralls.net.
@FeodorFitsner is that something I need to configure in the AppVeyor.yml or only in the UI?
from coveralls.net.
It's UI only.
from coveralls.net.
@FeodorFitsner The UI option works great for PR's from branches that are in the same repo, as designed, but it still leaves a gap for PR's from external contributors.
I suspect that the only secure way to do it would be or AppVeyor to provide its own coveralls.net binary and invoke it as part of a separate dedicated step and pass the repo-token
parameter directly. That'd prevent exposure to scripts/items in the PR itself.
Any chance of that happening?
from coveralls.net.
This issue is primarily related to functionality in AppVeyor itself and not related to the coveralls.net
tools as they are currently implemented.
from coveralls.net.
Related Issues (20)
- Reporting issue HOT 2
- Appveyor - OpenCover > Coveralls HOT 5
- Add parser - SharpCover
- Build numbers HOT 1
- Application crashes when --commitEmail flag is not supplied HOT 2
- Support .NET Core HOT 1
- Research and review usage and integration with CI services HOT 3
- Support for Chutzpah coverage (java script) HOT 5
- Internal Server 500 error HOT 2
- Executing command-line throws NRE HOT 2
- NRE in 1.4.1 HOT 6
- Keep getting the filename, directory name, or volume label syntax is incorrect in appveyor HOT 3
- Jenkins Support HOT 1
- Can't generate coverage files HOT 2
- Can't find a part of the path HOT 1
- Cannot upload code coverage: error code 422 even thus token is valid HOT 1
- Documentation on usage? HOT 16
- Invalid Coveralls Repo Token HOT 2
- Error sending to Coveralls.io (422 - Unprocessable Entity HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from coveralls.net.