fix: override commit and pr values for PR cases (#1657)

* fix: override commit and pr values for PR cases

* fix: remove unnecessary env vars

* fix: add back in with env

* fix: try no env

* fix: do we need them at all?

* fix: dollar curlies

* fix: wrap github_env

* fix: remove dollar curlies

* fix: remove

Makefile

@@ -1,5 +1,5 @@
 deploy:
-  $(eval VERSION := $(shell cat src/version | grep 'CODECOV_ACTION_VERSION=' | cut -d\" -f2))
+	$(eval VERSION := $(shell cat src/version | grep 'CODECOV_ACTION_VERSION=' | cut -d\" -f2))
 	git tag -d v5
 	git push origin :v5
 	git tag v5

README.md

@@ -1,6 +1,6 @@
 # Codecov GitHub Action
 
-[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v4-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
+[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v5-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action?ref=badge_shield)
 [![Workflow for Codecov Action](https://github.com/codecov/codecov-action/actions/workflows/main.yml/badge.svg)](https://github.com/codecov/codecov-action/actions/workflows/main.yml)
 ### Easily upload coverage reports to Codecov from GitHub Actions
@@ -9,12 +9,13 @@
 `v5` of the Codecov GitHub Action will use the [Codecov Wrapper](https://github.com/codecov/wrapper) to encapsulate the [CLI](https://github.com/codecov/codecov-cli). This will help ensure that the Action gets updates quicker.
 
 ### Migration Guide
-The `v5` release also coincides with the opt-out feature for tokens for public repositories. In the repository settings page in codecov.io, you can set the ability for Codecov to receive a coverage report from ANY souce. This will allow contributors or other members of a repository to upload without needing access to the Codecov token.
+The `v5` release also coincides with the opt-out feature for tokens for public repositories. In the `Global Upload Token` section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see [how to upload without a token](https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token).
+
+> [!WARNING]
+> **The following arguments have been changed**
+> - `file` (this has been deprecated in favor of `files`)
+> - `plugin` (this has been deprecated in favor of `plugins`)
 
-**The following arguments have been changed**
-- `file` (this has been deprecated in favor of `files`)
-- `plugin` (this has been deprecated in favor of `plugins`)
-  
 The following arguments have been added:
 
 - `binary`

VERSION

@@ -1 +0,0 @@
-5.0.0-beta

action.yml

@@ -166,22 +166,61 @@ runs:
         if [ ${{ inputs.use_oidc }} == 'true' ];
         then
           # {"count":1984,"value":"***"}
-          CODECOV_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=api://AzureADTokenExchange" | cut -d\' -f6)
-          echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> $GITHUB_ENV
+          CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=api://AzureADTokenExchange" | cut -d\' -f6)
+          echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
         else
           if [ -n ${{ inputs.token }} ];
           then
-            CODECOV_TOKEN=${{ inputs.token }}
-            echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> $GITHUB_ENV
+            CC_TOKEN=${{ inputs.token }}
+            echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
           fi
         fi
+
+    - name: Override branch for forks
+      shell: bash
+      run: |
+        if [ -z "$CC_BRANCH" ] && [ -z "$CC_TOKEN" ] && [ "${GITHUB_EVENT_PULL_REQUEST_REPO_FULL_NAME}" != "$GITHUB_REPOSITORY" ];
+        then
+          echo -e "\033[0;32m==>\033[0m Fork detected, tokenless uploading used"
+          TOKENLESS="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
+          CC_BRANCH="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
+          echo "TOKENLESS=$TOKENLESS" >> "$GITHUB_ENV"
+        fi
+
+        echo "CC_BRANCH=$CC_BRANCH" >> "$GITHUB_ENV"
+      env:
+        CC_BRANCH: ${{ inputs.override_branch }}
+        GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL: ${{ github.event.pull_request.head.label }}
+        GITHUB_EVENT_PULL_REQUEST_REPO_FULL_NAME: ${{ github.event.pull_request.repo.full_name }}
+        GITHUB_REPOSITORY: ${{ github.repository }}
+
+    - name: Override commits and pr for pull requests
+      shell: bash
+      run: |
+        if [ -z "$CC_SHA" ];
+        then
+          CC_SHA="$GITHUB_EVENT_PULL_REQUEST_HEAD_SHA"
+        fi
+        if [ -z "$CC_PR" ] && [ "${GITHUB_EVENT_NAME}" == "pull_request_target" ];
+        then
+          CC_PR="$GITHUB_EVENT_NUMBER"
+        fi
+
+        echo "CC_SHA=$CC_SHA" >> "$GITHUB_ENV"
+        echo "CC_PR=$CC_PR" >> "$GITHUB_ENV"
+      env:
+        CC_PR: ${{ inputs.override_pr }}
+        CC_SHA: ${{ inputs.override_commit }}
+        GITHUB_EVENT_NAME: ${{ github.event_name }}
+        GITHUB_EVENT_NUMBER: ${{ github.event.number }}
+        GITHUB_EVENT_PULL_REQUEST_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
+
     - name: Upload coverage to Codecov
       run: ${GITHUB_ACTION_PATH}/dist/codecov.sh
       shell: bash
       working-directory: ${{ inputs.working-directory }}
       env:
         CC_BINARY: ${{ inputs.binary }}
-        CC_BRANCH: ${{ inputs.override_branch }}
         CC_BUILD: ${{ inputs.override_build }}
         CC_BUILD_URL: ${{ inputs.override_build_url }}
         CC_CODE: ${{ inputs.report_code }}
@@ -210,13 +249,10 @@ runs:
         CC_OS: ${{ inputs.os }}
         CC_PARENT_SHA: ${{ inputs.commit_parent }}
         CC_PLUGINS: ${{ inputs.plugins }}
-        CC_PR: ${{ inputs.override_pr }}
         CC_REPORT_TYPE: ${{ inputs.report_type }}
-        CC_SHA: ${{ inputs.override_commit }}
         CC_SKIP_VALIDATION: ${{ inputs.skip_validation }}
         CC_SLUG: ${{ inputs.slug }}
         CC_SWIFT_PROJECT: ${{ inputs.swift_project }}
-        CC_TOKEN: $CODECOV_TOKEN
         CC_VERBOSE: ${{ inputs.verbose }}
         CC_VERSION: ${{ inputs.version }}
         CC_YML_PATH: ${{ inputs.codecov_yml_path }}

dist/codecov.sh

@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-CC_WRAPPER_VERSION="0.0.22"
+CC_WRAPPER_VERSION="0.0.24"
 set +u
 say() {
   echo -e "$1"
@@ -80,13 +80,16 @@ else
   say "$g ->$x Downloading $b${cc_url}$x"
   curl -Os $cc_url
   say "$g==>$x Finishing downloading $b${cc_os}:${CC_VERSION}$x"
+  version_url="https://cli.codecov.io/${cc_os}/${CC_VERSION}"
+  version=$(curl -s $version_url -H "Accept:application/json" | jq -r '.version')
+  say "      Version: $b$version$x"
   say " "
 fi
 if [ "$CC_SKIP_VALIDATION" = "true" ] || [ -n "$CC_BINARY" ];
 then
   say "$r==>$x Bypassing validation as requested by user"
 else
-CC_PUBLIC_PGP_KEY=$(curl https://keybase.io/codecovsecurity/pgp_keys.asc)
+CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
   echo "${CC_PUBLIC_PGP_KEY}"  | \
     gpg --no-default-keyring --import
   # One-time step
@@ -131,6 +134,7 @@ cc_cr_args+=( $(write_existing_args CC_PR) )
 cc_cr_args+=( $(write_existing_args CC_SHA) )
 cc_cr_args+=( $(write_existing_args CC_SLUG) )
 cc_du_args=()
+cc_du_args+=( $(write_existing_args CC_ENV) )
 OLDIFS=$IFS;IFS=,
 cc_du_args+=( $(write_existing_args CC_BRANCH) )
 cc_du_args+=( $(write_existing_args CC_BUILD) )
@@ -140,7 +144,6 @@ cc_du_args+=( $(write_existing_args CC_DIR) )
 cc_du_args+=( $(write_truthy_args CC_DISABLE_FILE_FIXES) )
 cc_du_args+=( $(write_truthy_args CC_DISABLE_SEARCH) )
 cc_du_args+=( $(write_truthy_args CC_DRY_RUN) )
-cc_du_args+=( $(write_existing_args CC_ENV) )
 if [ -n "$CC_EXCLUDES" ];
 then
   for directory in $CC_EXCLUDES; do

src/version

@@ -1 +1 @@
-CODECOV_ACTION_VERSION="5.0.0"
+CODECOV_ACTION_VERSION="5.0.2"