Expose CODECOV_TOKEN as secret for the reusable workflow

[joselsegura]

Description

The unit tests workflows needs to use its own CODECOV_TOKEN, so the reusable workflow needs to be prepared to receive it.

Fixing secrets: inherit approach that exposes all the repository secrets to a possible attacker

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Security fix in dependent library (changes made in the code)

Testing steps

N/A

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: c6f564e0-61ec-44ea-b873-7ed486527820

📥 Commits

Reviewing files that changed from the base of the PR and between 607368a and 8a38ab0.

📒 Files selected for processing (1)

• .github/workflows/pytests.yaml

---

Summary by CodeRabbit

• Chores
  • Enhanced continuous integration configuration to support more flexible setup options.

Walkthrough

The GitHub Actions workflow file is updated to formally declare an optional CODECOV_TOKEN secret in its callable interface, enabling external workflows to explicitly pass this secret when reusing the workflow.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow Configuration .github/workflows/pytests.yaml	Added optional CODECOV_TOKEN secret to workflow_call interface declaration (required: false).

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: exposing CODECOV_TOKEN as a secret for the reusable workflow, which is the primary focus of this pull request.
Description check	✅ Passed	The description is directly related to the changeset, explaining the security motivation (replacing secrets:inherit) and the specific change (accepting CODECOV_TOKEN in the reusable workflow).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}