chore: Update github actions to use OIDC for codecov. Assisted-by: Claude #1559

Open: jcraiglo1 wants to merge 1 commit into main from update_codecov_config
@jcraiglo1 jcraiglo1 (Contributor) commented May 18, 2026

EDA-Server is already connected to codecov. So here I changed around some configuration to use the recommended OIDC method of connecting. It is simpler to maintain as less configuration is required and github itself handles all provisioning. Alongside this we are removing unused env parameters.

Note: As part of this change, flag analytics was enabled in codecov

Summary by CodeRabbit

  • Chores
    • Improved security of the CI/CD infrastructure by implementing OIDC-based authentication for code coverage reporting.

Signed-off-by: Jacob Craiglow <jacobcraiglow1@gmail.com>
@jcraiglo1 jcraiglo1 requested a review from a team as a code owner May 18, 2026 19:13

coderabbitai Bot commented May 18, 2026

Walkthrough

This PR enables OIDC-based authentication for Codecov uploads by granting the required GitHub OIDC permission in the CI workflow and configuring the Codecov action to use OIDC instead of environment variables.

Changes

Enable OIDC Authentication for Codecov

Layer / File(s) | Summary
Grant OIDC permission and enable Codecov OIDC authentication (.github/workflows/ci.yaml, .github/actions/test/action.yml) | The test job is granted id-token: write permission, and the Codecov action configuration enables use_oidc: true while removing the env_vars: OS,PYTHON setting.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5 passed
Check name | Status | Explanation
Title check | ✅ Passed | The title clearly summarizes the main change: updating GitHub Actions to use OIDC for Codecov authentication, which is the primary objective of this PR.
Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request.
Description check | ✅ Passed | PR description is clear and explains the rationale for switching to OIDC authentication, but lacks details on how to test and potential impacts.


@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci.yaml:
- Around line 57-59: The workflow permissions block currently sets only
id-token: write which removes other defaults and breaks actions/checkout; update
the permissions section (the permissions: id-token entry in the CI workflow) to
also include contents: read so the checkout step (actions/checkout@v6) can
access the repository; ensure the permissions block contains both id-token:
write and contents: read.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: 7a25ed28-edb6-4e4e-b42a-60c1a5cef711

📥 Commits

Reviewing files that changed from the base of the PR and between daeda95 and e5a739c.

📒 Files selected for processing (2)
  • .github/actions/test/action.yml
  • .github/workflows/ci.yaml

Comment thread .github/workflows/ci.yaml
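
The permissions point raised in the review comment above, as an added example that is not part of the PR or the repository's workflow: once a job declares a `permissions` block, every scope it does not list is set to `none`, so `id-token: write` needs `contents: read` beside it. The job names, runner, the `codecov/codecov-action@v5` version and the single-file layout are assumptions (the PR splits this across `ci.yaml` and a composite action).

```yaml
# Added illustration; job names, runner and the Codecov action version are
# assumptions, not the repository's actual configuration.
name: ci
on: pull_request

jobs:
  # Before: only the OIDC scope is listed. Because the block is explicit,
  # all unlisted scopes (including contents) drop to "none" for GITHUB_TOKEN.
  test-before:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
    steps:
      - uses: actions/checkout@v6   # runs with contents: none

  # After: both scopes the job actually needs, and nothing else.
  test-after:
    runs-on: ubuntu-latest
    permissions:
      id-token: write   # allows the job to request a GitHub OIDC token
      contents: read    # allows actions/checkout to read the repository
    steps:
      - uses: actions/checkout@v6
      - uses: codecov/codecov-action@v5   # version is an assumption
        with:
          use_oidc: true                  # authenticate with the OIDC token
          flags: unit-int-tests-3.12      # flag name taken from the Codecov report
```

Declaring the block at job level rather than workflow level keeps the OIDC token request limited to the job that uploads coverage.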
@codecov-commenter

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.01%. Comparing base (daeda95) to head (e5a739c).

@@           Coverage Diff           @@
##             main    #1559   +/-   ##
=======================================
  Coverage   92.01%   92.01%           
=======================================
  Files         241      241           
  Lines       10972    10972           
=======================================
  Hits        10096    10096           
  Misses        876      876           
Flag | Coverage Δ
unit-int-tests-3.11 | 92.01% <ø> (ø)
unit-int-tests-3.12 | 92.01% <ø> (ø)

Flags with carried forward coverage won't be shown.

@sonarqubecloud

@AlexSCorey AlexSCorey (Member) left a comment

This looks good to me.

@ptoscano ptoscano (Contributor) left a comment

Mostly LGTM, see my question about the removed parameter.

Comment thread .github/actions/test/action.yml
Comment thread .github/workflows/ci.yaml
4 participants