From 6e46379f08baa0b5b4d03a57ddbe325d6c359e91 Mon Sep 17 00:00:00 2001
From: Maximilian Roos <m@maxroos.com>
Date: Wed, 10 Jan 2024 15:08:29 -0800
Subject: [PATCH] ci: Use codecov token

Notes inline
---
 .github/workflows/tests.yaml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
index fbc4ddfbe184..fcb5fb1d66d9 100644
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -417,6 +417,15 @@ jobs:
           # files: codecov.json
           files: cobertura.xml
           fail_ci_if_error: true
+          # This isn't strictly necessary, but as discussed in
+          # https://community.codecov.com/t/upload-issues-unable-to-locate-build-via-github-actions-api/3954,
+          # without this the upload has a fairly high failure rate. That also
+          # suggests copying the token into the repo in plain text to ensure it
+          # doesn't also fail on forks. The only thing the token allows is
+          # uploading coverage, so there's no material security risk. (The token
+          # is at https://app.codecov.io/gh/PRQL/prql/settings if we need to do
+          # that.)
+          token: ${{ secrets.CODECOV_TOKEN }}
       - name: Upload code coverage results
         uses: actions/upload-artifact@v3
         with: