Disable codecov

[josephevans]

Description

Disable use of codecov in master branch.

[mxnet-bot]

Hey @josephevans , Thanks for submitting the PR
All tests are already queued to run once. If tests fail, you can trigger one or more tests again with the following commands:

• To trigger all jobs: @mxnet-bot run ci [all]
• To trigger specific jobs: @mxnet-bot run ci [job1, job2]

---

CI supported jobs: [unix-gpu, unix-cpu, centos-cpu, clang, edge, sanity, website, windows-cpu, windows-gpu, centos-gpu, miscellaneous]

---

Note:
Only following 3 categories can trigger CI :PR Author, MXNet Committer, Jenkins Admin.
All CI tests must pass before the PR can be merged.

[marcoabreu]

Could you elaborate? The vulerability already has been patched.

[szha]

@marcoabreu safer to have AWS security review first before adding it back. For now we won't support codecov on the CI until it's deemed safe.

[szha]

The follow up step is to add the rotated credentials to make the CI work again, have the security team in AWS review whether codecov is acceptably safe on our system, and then add it back afterwards.

[marcoabreu]

Okay, works for me . Thanks!

Btw, with the cached version of codecov which we used before, this would have been averted.

[szha]

Indeed.

[leezu]

Are you referring to the code from 3 years ago?

https://github.com/apache/incubator-mxnet/blob/ecadeac9a2fbacc7e5b726783ecac6bdc7558b1e/ci/Jenkinsfile_utils.groovy#L126-L128

I'm not sure that would have prevented the problem as it's only fallback :)

[marcoabreu]

Oh I thought it was the other way around. Nevermind then