Fix codecov to work on PRs, and be used as a required check (#298)

* pull_request_target should allow PR jobs to use secrets, enabling codecov uplaods

* try to fix it

* try again

* run on the test environment

* and again

Author: shaypal5

.github/workflows/ci-test.yml

@@ -3,6 +3,8 @@ name: Test
 on:
   pull_request:
     branches: [master]
+  pull_request_target:
+    branches: [master]
   push:
     branches: [master]
   schedule:
@@ -16,7 +18,10 @@ concurrency:
 
 jobs:
   pytester:
+    # run on both push & normal PR
+    if: github.event_name == 'push' || github.event_name == 'pull_request'
     runs-on: ${{ matrix.os }}
+    environment: test
     strategy:
       fail-fast: false
       matrix:
@@ -144,25 +149,14 @@ jobs:
         if: matrix.backend == 'redis'
         run: pytest -m redis --cov=cachier --cov-report=term --cov-report=xml:cov.xml
 
-      - name: Upload coverage to Codecov (non-PRs)
-        if: github.event_name != 'pull_request' # pushes, scheduled, etc.
+      - name: Upload coverage to Codecov (non PRs)
         continue-on-error: true
         uses: codecov/codecov-action@v5
         with:
           fail_ci_if_error: true
           token: ${{ secrets.CODECOV_TOKEN }} # required
           flags: ${{ matrix.backend }}
-
-      # We need a separate step for PRs because PRs do not have access to
-      # secrets; hence, provide the token will give it an empty value,
-      # resulting in an authentication error.
-      - name: Upload coverage to Codecov (PRs)
-        if: github.event_name == 'pull_request' # PRs only
-        continue-on-error: true
-        uses: codecov/codecov-action@v5
-        with:
-          fail_ci_if_error: true
-          flags: ${{ matrix.backend }}
+          override_pr: ${{ github.event.pull_request.number }}
 
   testing-guardian:
     runs-on: ubuntu-latest