mirror of
https://github.com/codecov/codecov-action.git
synced 2026-03-28 17:05:07 +00:00
Compare commits
6 Commits
fix/dirty-
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
57e3a136b7 | ||
|
|
f67d33dda8 | ||
|
|
75cd11691c | ||
|
|
87d39f4a2c | ||
|
|
1af58845a9 | ||
|
|
c143300dea |
6
Makefile
6
Makefile
@@ -1,7 +1,7 @@
|
||||
deploy:
|
||||
$(eval VERSION := $(shell cat src/version))
|
||||
git tag -d v5
|
||||
git push origin :v5
|
||||
git tag v5
|
||||
git tag -d v6
|
||||
git push origin :v6
|
||||
git tag v6
|
||||
git tag v$(VERSION) -s -m ""
|
||||
git push origin --tags
|
||||
|
||||
@@ -6,6 +6,10 @@
|
||||
|
||||
### Easily upload coverage reports to Codecov from GitHub Actions
|
||||
|
||||
## v6 Release
|
||||
|
||||
`v6` of the Codecov GitHub Action support node24
|
||||
|
||||
## v5 Release
|
||||
|
||||
`v5` of the Codecov GitHub Action will use the [Codecov Wrapper](https://github.com/codecov/wrapper) to encapsulate the [CLI](https://github.com/codecov/codecov-cli). This will help ensure that the Action gets updates quicker.
|
||||
|
||||
@@ -230,7 +230,7 @@ runs:
|
||||
GITHUB_REPOSITORY: ${{ github.repository }}
|
||||
|
||||
- name: Get OIDC token
|
||||
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
|
||||
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
|
||||
id: oidc
|
||||
with:
|
||||
script: |
|
||||
|
||||
42
dist/codecov.sh
vendored
42
dist/codecov.sh
vendored
@@ -71,11 +71,6 @@ then
|
||||
fi
|
||||
CC_COMMAND="${CC_CLI_TYPE}"
|
||||
else
|
||||
CC_DOWNLOAD_DIR=$(mktemp -d)
|
||||
cleanup_downloads() {
|
||||
rm -rf "$CC_DOWNLOAD_DIR"
|
||||
}
|
||||
trap cleanup_downloads EXIT
|
||||
if [ -n "$CC_OS" ];
|
||||
then
|
||||
say "$g==>$x Overridden OS: $b${CC_OS}$x"
|
||||
@@ -92,7 +87,7 @@ else
|
||||
fi
|
||||
CC_FILENAME="${CC_CLI_TYPE%-cli}"
|
||||
[[ $CC_OS == "windows" ]] && CC_FILENAME+=".exe"
|
||||
CC_COMMAND="$CC_DOWNLOAD_DIR/$CC_FILENAME"
|
||||
CC_COMMAND="./$CC_FILENAME"
|
||||
[[ $CC_OS == "macos" ]] && \
|
||||
! command -v gpg 2>&1 >/dev/null && \
|
||||
HOMEBREW_NO_AUTO_UPDATE=1 brew install gpg
|
||||
@@ -100,7 +95,7 @@ else
|
||||
CC_URL="$CC_URL/${CC_VERSION}"
|
||||
CC_URL="$CC_URL/${CC_OS}/${CC_FILENAME}"
|
||||
say "$g ->$x Downloading $b${CC_URL}$x"
|
||||
curl -o "$CC_DOWNLOAD_DIR/$CC_FILENAME" $retry "$CC_URL"
|
||||
curl -O $retry "$CC_URL"
|
||||
say "$g==>$x Finishing downloading $b${CC_OS}:${CC_VERSION}$x"
|
||||
v_url="https://cli.codecov.io/api/${CC_OS}/${CC_VERSION}"
|
||||
v=$(curl $retry --retry-all-errors -s "$v_url" -H "Accept:application/json" | tr \{ '\n' | tr , '\n' | tr \} '\n' | grep "\"version\"" | awk -F'"' '{print $4}' | tail -1)
|
||||
@@ -115,19 +110,9 @@ then
|
||||
chmod +x "$CC_COMMAND"
|
||||
fi
|
||||
else
|
||||
gpg_key_url="https://keybase.io/codecovsecurity/pgp_keys.asc"
|
||||
gpg_import_ok=false
|
||||
for gpg_attempt in 1 2 3; do
|
||||
if curl -sf $retry "$gpg_key_url" | gpg --no-default-keyring --import 2>/dev/null; then
|
||||
gpg_import_ok=true
|
||||
break
|
||||
fi
|
||||
say "$r ->$x GPG key import attempt $gpg_attempt failed, retrying..."
|
||||
sleep 2
|
||||
done
|
||||
if [ "$gpg_import_ok" != "true" ]; then
|
||||
exit_if_error "Could not import GPG verification key after 3 attempts. Please contact Codecov if problem continues"
|
||||
fi
|
||||
echo "$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)" | \
|
||||
gpg --no-default-keyring --import
|
||||
# One-time step
|
||||
say "$g==>$x Verifying GPG signature integrity"
|
||||
sha_url="https://cli.codecov.io"
|
||||
sha_url="${sha_url}/${CC_VERSION}/${CC_OS}"
|
||||
@@ -135,14 +120,14 @@ else
|
||||
say "$g ->$x Downloading $b${sha_url}$x"
|
||||
say "$g ->$x Downloading $b${sha_url}.sig$x"
|
||||
say " "
|
||||
curl -o "$CC_DOWNLOAD_DIR/${CC_FILENAME}.SHA256SUM" -s $retry --connect-timeout 2 "$sha_url"
|
||||
curl -o "$CC_DOWNLOAD_DIR/${CC_FILENAME}.SHA256SUM.sig" -s $retry --connect-timeout 2 "${sha_url}.sig"
|
||||
if ! gpg --verify "$CC_DOWNLOAD_DIR/${CC_FILENAME}.SHA256SUM.sig" "$CC_DOWNLOAD_DIR/${CC_FILENAME}.SHA256SUM";
|
||||
curl -Os $retry --connect-timeout 2 "$sha_url"
|
||||
curl -Os $retry --connect-timeout 2 "${sha_url}.sig"
|
||||
if ! gpg --verify "${CC_FILENAME}.SHA256SUM.sig" "${CC_FILENAME}.SHA256SUM";
|
||||
then
|
||||
exit_if_error "Could not verify signature. Please contact Codecov if problem continues"
|
||||
fi
|
||||
if ! (cd "$CC_DOWNLOAD_DIR" && (shasum -a 256 -c "${CC_FILENAME}.SHA256SUM" 2>/dev/null || \
|
||||
sha256sum -c "${CC_FILENAME}.SHA256SUM"));
|
||||
if ! (shasum -a 256 -c "${CC_FILENAME}.SHA256SUM" 2>/dev/null || \
|
||||
sha256sum -c "${CC_FILENAME}.SHA256SUM");
|
||||
then
|
||||
exit_if_error "Could not verify SHASUM. Please contact Codecov if problem continues"
|
||||
fi
|
||||
@@ -152,16 +137,11 @@ else
|
||||
fi
|
||||
if [ -n "$CC_BINARY_LOCATION" ];
|
||||
then
|
||||
mkdir -p "$CC_BINARY_LOCATION" && mv "$CC_COMMAND" "$CC_BINARY_LOCATION/$CC_FILENAME"
|
||||
CC_COMMAND="$CC_BINARY_LOCATION/$CC_FILENAME"
|
||||
mkdir -p "$CC_BINARY_LOCATION" && mv "$CC_FILENAME" $_
|
||||
say "$g==>$x ${CC_CLI_TYPE} binary moved to ${CC_BINARY_LOCATION}"
|
||||
fi
|
||||
if [ "$CC_DOWNLOAD_ONLY" = "true" ];
|
||||
then
|
||||
if [ -n "$CC_DOWNLOAD_DIR" ] && [ -z "$CC_BINARY_LOCATION" ]; then
|
||||
cp "$CC_COMMAND" "./$CC_FILENAME"
|
||||
CC_COMMAND="./$CC_FILENAME"
|
||||
fi
|
||||
say "$g==>$x ${CC_CLI_TYPE} download only called. Exiting..."
|
||||
exit
|
||||
fi
|
||||
|
||||
@@ -1 +1 @@
|
||||
5.5.2
|
||||
6.0.0
|
||||
|
||||
Reference in New Issue
Block a user