Rather than using a Team Bot, a GitHub App Integration can be used in GitHub (Cloud or Enterprise) to efficiently onboard new teams to Codecov.

The App Integration will allow teams to add Codecov directly to their repositories via the GitHub user interface.

This integration is meant to be a replacement for the Team Bot for GitHub (Cloud or Enterprise). Using it will ensure that comments are posted to Pull Requests as Codecov, rather than a Team Bot user.

To create a GitHub App Integration for Codecov, first navigate to your GitHub Apps:

Choose "New GitHub App":


And fill out the relevant fields for app creation:



It's important to set the proper homepage and callback URLs. They should point to your Codecov Enterprise install as follows:

<your-codecov-enterprise-url>/ghe

For the webhook URL:

<your-codecov-enterprise-url>/webhooks/github_enterprise


You should provide a secret. Once provided, you will want to ensure that you properly provide the secret in the Codecov Enterprise codecov.yml. 

Permissions

The following screenshot shows all permissions needed by the app integration, as well as the relevant events. For visibility permissions with a greater setting than "No Access" have been emphasized in green.



Repository Permissions


Required repository permissions.



Organization Permissions


Required organization permissions



User Permissions

No user permissions are required. All can be set to "No Access"



Events

Required user permissions.

?

Using GitHub.com?

If you're not using GitHub Enterprise, make sure that you only publish this app for your organization.


Generate and Add a PEM file to Codecov.


After creating the GitHub App, Github will prompt you to create a .pem file from the github ui. This will result in a .pem file you can download. Once downloaded you will need to place this file in the same directory as your codecov.yml and docker-compose.yml and update your docker-compose.yml and your codecov.yml as follows:

docker-compose.yml
web:
  #... other configuration
  volumes:
    - ./file.pem:/config/file.pem 
worker:
  #... other configuration
  volumes:
    - ./file.pem:/config/file.pem
codecov.yml
github: 
  client_id: "ff523b316dbe1b573220"
  client_secret: "30f197d4aeb2ef64604f03c944595dd9b1d6abb6"
  webhook_secret: "ff523b3162ef64604f03c94459"
  integration:
    id: 63040
    pem: /config/file.pem

Troubleshooting

If you don't receive comments on Pull Requests for Repositories with the App Integration installed, visit the repo settings page for that particular repository on your Codecov Enterprise install:


For GitHub.com:

<your-codecov-enterprise-url>/gh/<org-name>/><repo-name>/settings

For GitHub Enterprise:

<your-codecov-enterprise-url>/ghe/<org-name>/><repo-name>/settings

Once there, check the "GitHub Webhook" section and press the "Create Web Hook" button if a webhook is not already set.