Self-Hosted Configuration


Codecov configuration is done through a yaml file or environment variables.

The environment variables must be in the format of CATEGORY__KEY="VALUE", note the two underscores between category and key.

1setup: 2  codecov_url: "value" 3services: 4  notifications: 5    slack: "value" 6 

Would become

1export SETUP__CODECOV_URL="value" 2export SERVICES__NOTIFICATIONS__SLACK="value" 3 


Enterprise License

Provided by Codecov staff which is unique to each company.


1setup: 2  enterprise_license: "very-long-license-key" 3 

Codecov URL

The base url of your Codecov Enterprise instance

?   Do not add a trailing slash

If you are encountering errors on uploads, or clicking links in statuses or comments, confirm you did not add a trailing slack at the end of this value.


1setup: 2  codecov_url: "" 3 4# or you may use an IP address with an optional port 5setup: 6  codecov_url: "" 7 

This url is used, primarily, in Commit StatusPull Request Comments and Notifications as the redirect url to get back to your Codecov.


Add custom CI domains

An important part of Codecov's process is to check the CI status of commits in order to ensure coverage data is complete and generated by a successful CI build. Add you CI domains in the configuration to ensure they are properly detected.


1services: 2   ci_providers: 3     -  # domain name only 4 


Guest Access

By default: all users (logged in or guests) can view reports for public repositories hosted on Github/Bitbucket/Gitlab (not their respective Enterprise products).
You may disable guest access which will require all users to login to your Enterprise instance in order to view any project or interact with the product at all.


1setup: 2  guest_access: off 3 


Cookie Secret

String used to encrypt secure cookies with. If changed user sessions will exprie and require login to access system again.


1setup: 2  http: 3    cookie_secret: "some-random-string" 4


Previously at setup.cookie_secret which is automatically copied under http node.


?   Not Required for Docker Installation

This value is not required when using Docker.


1services: 2  database_url: postgres://{USER}:{PASSWORD}@{HOST}:{PORT}/{DB_NAME} 3 

The full regular expression the url gets parsed through is the following:

1postgres://([\w\-]*):?([\w\-]*)@([\w\-\.]+):?(\d+)/?([\w\-]+) 2 

The regular expression for the user and password is [\w\-]*, some random-generated passwords contain commas and other characters. Please change the password, if necessary, to fit the regular expression above.


Test your string against this regular expression in bash via:

1echo "insert-string-here" | python -c "import sys,  re;print('Passed' if re.match('postgres://([\w\-]*):?([\w\-]*)@([\w\-\.]+):?(\d+)/?([\w\-]+)', else 'Failed');" 2 



?   Not Required for Docker Installation

This value is not required when using Docker.

❗️  Cluster Mode is not supported

Due to a lack of cluster mode support in the underlying message queuing system we use, Codecov can not support clustered redis at this time. If that support is added, we will be happy to adapt our product to do so as well.


1services: 2  redis_url: redis://{USER}:{PASSWORD}@{HOST}:{PORT}/{DB_NAME} 3 

Your Redis instance is used to quickly upload reports for queueing. The instance size of Redis can vary based on (a) size of coverage reports, (b) frequency of uploads, and (c) number of workers processing reports. Recommended 1GB or larger.

The full regular expression is:

1redis://([\w\-]*)?:?([\w\-]*)?@?([\w\-\.]+):?(\d+)/?([\w\-]+) 2 


Restrict HTTP Connections

You may restrict the domains that Notifications can connect to.


1services: 2  notifications: 3    slack: ""  # can only send messages to 4    gitter: off                            # disable gitter notifications 5    webhook: ""      # webhooks can only be sent to 6    irc: off                                     # disable irc 7    hipchat: off                       # disable hipchat 8 


Global Upload Tokens

Each Linked Service Provider may have a Global Upload Token to simplify the upload process. To specify your upload token please append a unique string to your service provider.


1github_enterprise: 2  global_upload_token: "ghe-123abc" 3 

When you upload you can include the global token and the owner/repo slug to accept uploads.


1bash <(curl -s -t "ghe-123abc" -r owner/repo 2 


Restrict Organizations

You may restrict users to require membership to at least one team/organization.


1github: 2  organizations: 3    - "awesome-team" 4    - "modest_mice" 5 

Any user who attempt to login must be a member of either awesome-teamor modest_mice. This configuration works for GitHub, Bitbucket and GitLab service providers.


Restrict Teams (GitHub Only)

As of Codecov Enterprise 4.4.6, GitHub and GitHub Enterprise users can restrict login based on organization and team if desired. Team based restrictions will only work if the organization is defined. Otherwise the team list is ignored. Note that both team and organization lists are case sensitive.


1github_enterprise: 2  organizations: 3    - "Great Company" 4  teams: 5    - "My Great Team" 6    7# The following WILL NOT work. Organizations must be supplied as well. 8github_enterprise: 9  teams: 10    - "My Great Team" 11 
?   Team Restriction Exists for GitHub and GitHub Enterprise Only

Currently only GitHub and GitHub Enterprise users can use team-based restrictions.

Defining a teams block for any other repository provider in your codecov.yml will likely cause yaml validation to fail.

Note that organization and team checking is inclusive. For example, if you specify multiple organizations and multiple teams, this check will pass if the user belongs to any of the listed organizations and any of the listed teams.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section