From 2db07e317924c76f654a414629d71c65876882e2 Mon Sep 17 00:00:00 2001 From: joseph-sentry <136376984+joseph-sentry@users.noreply.github.com> Date: Wed, 25 Jun 2025 11:58:52 -0400 Subject: [PATCH] fix: check reqs exist (#1835) * fix: check reqs * fix * docs: update README to reflect dependency needs --- .github/workflows/main.yml | 115 ++++++++++++++++++++++++++++++++++--- README.md | 7 ++- action.yml | 20 +++++++ 3 files changed, 132 insertions(+), 10 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 695b508..73f0c17 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -14,11 +14,12 @@ jobs: - name: Checkout uses: actions/checkout@v4.2.2 with: - submodules: 'true' + submodules: "true" - name: Install dependencies run: pip install -r src/scripts/app/requirements.txt - name: Run tests and collect coverage run: pytest src/scripts/app/ --cov + - name: Upload coverage to Codecov (script) uses: ./ with: @@ -55,7 +56,7 @@ jobs: - name: Checkout uses: actions/checkout@v4.2.2 with: - submodules: 'true' + submodules: "true" - name: Install dependencies run: pip install -r src/scripts/app/requirements.txt - name: Run tests and collect coverage @@ -104,15 +105,16 @@ jobs: - name: Checkout uses: actions/checkout@v4.2.2 with: - submodules: 'true' + submodules: "true" - name: Install deps run: | - apt-get install git + apt-get update && apt-get install -y git + - name: Upload coverage to Codecov (script) uses: ./ with: files: ./coverage/script/coverage-final.json - flags: script-${{ matrix.os }} + flags: script-container name: codecov-script verbose: true token: ${{ secrets.CODECOV_TOKEN }} @@ -120,7 +122,7 @@ jobs: uses: ./ with: files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json - flags: demo-${{ matrix.os }} + flags: demo-container name: codecov-demo verbose: true token: ${{ secrets.CODECOV_TOKEN }} @@ -128,8 +130,107 @@ jobs: uses: ./ with: files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json - flags: version-${{ matrix.os }} + flags: version-container name: codecov-version version: v9.1.0 verbose: true token: ${{ secrets.CODECOV_TOKEN }} + + run-alpine-missing-deps: + runs-on: ubuntu-latest + container: alpine:latest + steps: + - name: Install only some deps (missing gpg and bash) + run: | + apk add git + - name: Checkout + uses: actions/checkout@v4.2.2 + with: + submodules: "true" + - name: Upload coverage to Codecov (should fail due to missing dependencies) + id: codecov-upload + continue-on-error: true + uses: ./ + with: + files: ./coverage/script/coverage-final.json + flags: script-alpine-missing-deps + name: codecov-script + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Verify dependency check failed + run: | + if [ "${{ steps.codecov-upload.outcome }}" = "failure" ]; then + echo "✓ Action correctly failed due to missing dependencies" + exit 0 + else + echo "✗ Action should have failed but didn't" + exit 1 + fi + + run-alpine-success: + runs-on: ubuntu-latest + container: alpine:latest + steps: + - name: Install all required deps + run: | + apk add git curl gnupg bash + - name: Checkout + uses: actions/checkout@v4.2.2 + with: + submodules: "true" + - name: Upload coverage to Codecov (should succeed) + uses: ./ + with: + files: ./coverage/script/coverage-final.json + flags: script-alpine-success + name: codecov-script + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Upload coverage to Codecov (demo) + uses: ./ + with: + files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json + flags: demo-alpine-success + name: codecov-demo + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Upload coverage to Codecov (version) + uses: ./ + with: + files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json + flags: version-alpine-success + name: codecov-version + version: v9.1.0 + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + + run-alpine-partial-deps: + runs-on: ubuntu-latest + container: alpine:latest + steps: + - name: Install only some deps (missing gpg and bash) + run: | + apk add git curl + - name: Checkout + uses: actions/checkout@v4.2.2 + with: + submodules: "true" + - name: Upload coverage to Codecov (should fail due to missing gpg and bash) + id: codecov-upload + continue-on-error: true + uses: ./ + with: + files: ./coverage/script/coverage-final.json + flags: script-alpine-partial-deps + name: codecov-script + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Verify dependency check failed + run: | + if [ "${{ steps.codecov-upload.outcome }}" = "failure" ]; then + echo "✓ Action correctly failed due to missing dependencies (gpg and bash)" + exit 0 + else + echo "✗ Action should have failed but didn't" + exit 1 + fi diff --git a/README.md b/README.md index 302bbc8..f342d82 100644 --- a/README.md +++ b/README.md @@ -49,10 +49,11 @@ You can see their usage in the `action.yml` [file](https://github.com/codecov/co ## Usage +> [!CAUTION] +> In order for the Action to work seamlessly, you will need to have `bash`, `curl`, `git`, and `gpg` installed on your runner. You will also need to run [actions/checkout](https://github.com/actions/checkout) before calling the Codecov action. If these are not present, the Action will fail. Github Actions runners will have these installed by default. If you are using a custom runner or running in a container, you will need to ensure that these are installed. + To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v5` is recommended) as a `step` within your `workflow.yml` file. -> [!WARNING] -> In order for the Action to work seamlessly, you will need to have `curl`, `git`, and `gpg` installed on your runner. You will also need to run the [actions/checkout](https://github.com/actions/checkout) before calling the Codecov action. This Action also requires you to [provide an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) from [codecov.io](https://www.codecov.io) (tip: in order to avoid exposing your token, [store it](https://docs.codecov.com/docs/adding-the-codecov-token#github-actions) as a `secret`). @@ -96,7 +97,7 @@ steps: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} ``` -> [!NOTE] +> [!IMPORTANT] > This assumes that you've set your Codecov token inside _Settings > Secrets_ as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are _not_ available to forks of repositories. ### Using OIDC diff --git a/action.yml b/action.yml index f99bba6..375b8b0 100644 --- a/action.yml +++ b/action.yml @@ -175,6 +175,26 @@ branding: runs: using: "composite" steps: + - name: Check system dependencies + shell: sh + run: | + missing_deps="" + + # Check for required commands + for cmd in bash git curl gpg; do + if ! command -v "$cmd" >/dev/null 2>&1; then + missing_deps="$missing_deps $cmd" + fi + done + + # Report missing required dependencies + if [ -n "$missing_deps" ]; then + echo "Error: The following required dependencies are missing:$missing_deps" + echo "Please install these dependencies before using this action." + exit 1 + fi + + echo "All required system dependencies are available." - name: Action version shell: bash run: |