Hi all, Recently the Cov workflow in BifroMQ has been failing. After investigation, the root cause is not related to the build or coverage itself, but to an update in Apache’s GitHub Actions policy:
- https://infra.apache.org/github-actions-policy.html - https://github.com/apache/infrastructure-actions ASF has tightened the allowed Actions scope, and third-party actions such as coverallsapp/github-action are no longer permitted unless explicitly approved in the allowlist. As a result, our current Coveralls step is blocked at workflow initialization. I also checked the available Apache-provided actions (including those under apache/* and apache/infrastructure-actions), and there is currently no official alternative for coverage upload to external services like Coveralls. Given this situation, I propose the following: - Remove the Coveralls GitHub Action from the Cov workflow for now, so that CI can pass consistently under the current policy. - Keep generating coverage reports (e.g., via JaCoCo) as part of the build. - Revisit integration with external coverage services later if a policy-compliant approach (e.g., approved actions or alternative mechanisms) becomes available. Please let me know if there are concerns or better approaches. Best, -- Yonny(Yu) Hao
