1. Code Changes (done by any developer, merged by someone with repo write access)

The developer should add a covecov.yml file if they have not already, e.g.:

coverage:
  status:
    project:
      default:
        enabled: yes
        target: auto
    patch:
      default:
        enabled: yes
        target: 100%

comment: false

Add something like the following to your github actions workflows so you can upload coverage info to CodeCov. Remove the “NOTE” comments before committing.

    - name: Upload coverage to CodeCov
      # NOTE: If your workflow uses a matrix, then edit the `if:` line so that codeocov
      #       runs on the newest passing set of versions. If your workflow doesn't use
      #       a matrix, then just delete the `if:` line.
      if: matrix.python-version == '3.12' && matrix.toxenv == 'django42'
      uses: codecov/codecov-action@v4
      with:
        token: ${{ secrets.CODECOV_TOKEN }}
        # NOTE: Change this to 'false' if you want codecov failures to still quietly let the
        #       workflow pass. We only recommend this in cases where the workflow passing
        #       is more important than codecov working; for example, package releases. At
        #       least one workflow in your repo should have `fail_ci_if_error: true`; otherwise,
        #       codecov may break and nobody will notice.
        fail_ci_if_error: true

If you are updating a repo that already uses codecov, be sure to update every workflow file that uses it. Search the .github folder for the string "codecov" to be sure.

2. GitHub App settings (done by a GitHub org admin, at Axim for openedx)

All repositories in the openedx org should have this turned on already.

3. Branch protection (done by a GitHub org admin, at Axim for openedx)

If you would like to require Codecov to pass for merges to a protected branch, you will first need a commit to be pushed to a PR against the branch in question after making the changes above. You don't necessarily need to merge this, there just needs to be at least one existing run of the Codecov check against that branch.

You can now make the Codecov check required for merges to that branch: Repo → Settings → Branches → Branch Protection Rules → Edit on the desired branch. For example, https://github.com/openedx/edx-django-utils/settings/branches/master . Then under “Require status checks to pass before merging”, search for and select the Codecov check(s) to be required. Finally, click the “Save Changes” button at the bottom of the page.

4. Add a CodeCov repository secret (done by a GitHub org admin, at Axim for openedx)

1. In a private browsing window, login to github as the openedx-codecov user.

2. Then login to codecov.io via this github user.

3. Go to the settings page for the relevant repository in the private browsing window:

   • https://app.codecov.io/gh/openedx/<repo_name>/settings

4. Copy the repository upload token (just the uuid!).

5. As an admin user, go to the repository secrets section of the repo:

   • https://github.com/openedx/<repo_name>/settings/secrets/actions

6. Add the token as a new secret named CODECOV_TOKEN