d49f0fef4 added a 5% threshold to codecov.yml, so that small fixes don't
turn the CI red.
However, it contained a typo and put the setting in the wrong place in
the file. codecov.io ignores unknown keys instead of throwing an error.
Fix this and validate with:
cat codecov.yml | curl --data-binary @- https://codecov.io/validate
We're only using code coverage as additional information. Put in a 5%
threshold so that small fixes that decrease coverage slightly don't
block pull requests.
Codecov's patch status measures lines covered in a given pull request,
which fails when moving code around.
Adding code with no coverage still fails the codecov/project status,
which fails if coverage has gone down.
coveralls doesn't work from GitHub actions. Its "github" service type
uses the GITHUB_TOKEN from the action, which only has read access when
invoked from a forked repository.
codecov gets this right: it validates that an uploaded coverage file
originated from a GitHub action run by asking GitHub, and then uses its
OAuth credentials (through the Marketplace App) to comment and set
status.
Also, coveralls requires a third-party package to convert go's coverage
report to a format it understands. codecov detects the format
server-side. It also handles go's coverage format better: it highlights
lines with "some coverage" in yellow (coveralls has no concept of this).
