Via #213, we attempted to implement a coverage reporting step which posts results to incoming PRs. Due to restrictions with the GITHUB_TOKEN on public forks, we need to revisit this workflow and find an alternative to providing coverage feedback to contributors.

Other FINOS projects are using codecov as their reporting tool which seems to integrate with PRs w/o issue.

The workflows permissions on this repo (settings) are: Read and write permissions - Workflows have read and write permissions in the repository for all scopes., which I understand is the permissive option.

I read in the docs that - Anyone with write access to a repository can modify the permissions granted to the GITHUB_TOKEN, adding or removing access as required, by editing the permissions key in the workflow file., and I see it in the code - https://github.com/finos/git-proxy/actions/runs/7652616484/workflow?pr=409#L23

However, if you check the build logs, you'll see that the permission is not properly set - https://github.com/finos/git-proxy/actions/runs/7652616484/job/20852745697?pr=409#step:1:18

Docs on https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions are a bit generic, and it may be that we need more permissions; could you try playing a bit with it, for example setting all permissions to write and see if that works?

Originally posted by @maoo in #203 (comment)