codecov/codecov-action
1
0
Fork 0
mirror of https://github.com/codecov/codecov-action.git synced 2025-12-08 16:16:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: codecov:v4.2.0
Branches Tags
codecov:main codecov:dependabot/github_actions/github/codeql-action-4.31.7 codecov:dependabot/github_actions/actions/checkout-6.0.1 codecov:dependabot/github_actions/actions/upload-artifact-5.0.0 codecov:dependabot/github_actions/ossf/scorecard-action-2.4.3 codecov:th/add-repo-checkout codecov:dependabot/github_actions/actions/github-script-8.0.0 codecov:release/wrapper/0.2.2 codecov:th/release-5.5.0 codecov:release/wrapper/0.2.0 codecov:release/wrapper/0.0.34 codecov:release/wrapper/0.0.33 codecov:th/test-skip-validation codecov:release/wrapper/0.0.32 codecov:th/bump-scripts-and-logging codecov:th/fix-exiting codecov:tony/test-upload-coverage-wrapper codecov:th/fix-readme-formatting codecov:th/test codecov:release/wrapper/0.0.26 codecov:release/wrapper/0.0.25 codecov:th/do-not-merge codecov:release/wrapper/0.0.24 codecov:release/wrapper/0.0.23 codecov:v3 codecov:3.x codecov:snyk-fix-801131c752fa26ddd6a0256378a7dffa codecov:thomasrockhu-patch-1 codecov:fail-ci-test codecov:1.3.2 codecov:working-dir-fix codecov:1.1.0 codecov:update-name-default codecov:timeouts codecov:test-action codecov:retry-bash codecov:branch-support codecov:add-fail-input codecov:node-action
codecov:v5.5.1 codecov:v5 codecov:v5.5.0 codecov:v5.4.3 codecov:v5.4.2 codecov:v5.4.1 codecov:v5.4.1-beta codecov:v5.4.0 codecov:v5.3.1 codecov:v5.3.0 codecov:v5.2.0 codecov:v5.1.2 codecov:v5.1.1 codecov:v5.1.0 codecov:v5.0.7 codecov:v5.0.6 codecov:v5.0.5 codecov:v5.0.4 codecov:v5.0.3 codecov:v5.0.2 codecov:v5.0.1 codecov:v5.0.0 codecov:v5.0.0-beta codecov:v5-beta codecov:v4.6.0 codecov:v4 codecov:v4.5.0 codecov:v4.4.1 codecov:v4.4.0 codecov:v4.3.1 codecov:v4.3.0 codecov:v4.2.0 codecov:v4.1.1 codecov:v4.1.0 codecov:v4.0.2 codecov:v4.0.1 codecov:v4.0.0 codecov:v3.1.6 codecov:v3 codecov:v3.1.5 codecov:v4.0.0-beta.3 codecov:v4-beta codecov:v4.0.0-beta.2 codecov:v4.0.0-beta.1 codecov:v3.1.4 codecov:v3.1.3 codecov:v3.1.2 codecov:v3.1.1 codecov:v3.1.0 codecov:v3.0.0 codecov:v2.1.0 codecov:v2 codecov:v2.0.3 codecov:v2.0.2 codecov:v2.0.1 codecov:v2.0.0 codecov:2.0.0 codecov:v1.5.2 codecov:v1 codecov:v1.5.1 codecov:v1.5.0 codecov:v1.4.1 codecov:v1.4.0 codecov:v1.3.2 codecov:v1.3.1 codecov:v1.3.0 codecov:v1.2.2 codecov:v1.2.1 codecov:v1.2.0 codecov:v1.1.1 codecov:v1.1.0 codecov:v1.0.15 codecov:v1.0.14 codecov:v1.0.13 codecov:v1.0.12 codecov:v1.0.11 codecov:v1.0.10 codecov:v1.0.9 codecov:v1.0.8 codecov:v1.0.7 codecov:v1.0.6 codecov:v1.0.5 codecov:v1.0.4 codecov:v1.0.3 codecov:v1.0.2 codecov:v1.0.1 codecov:1.0.1 codecov:v1.0.0 codecov:v0.5.1 codecov:v0.5 codecov:v0.4.1 codecov:v0.4 codecov:v0.3 codecov:v0.2.1 codecov:v0.2 codecov:v0.1
..
compare: codecov:thomasrockhu-patch-1
Branches Tags
codecov:dependabot/github_actions/github/codeql-action-4.31.7 codecov:dependabot/github_actions/actions/checkout-6.0.1 codecov:main codecov:dependabot/github_actions/actions/upload-artifact-5.0.0 codecov:dependabot/github_actions/ossf/scorecard-action-2.4.3 codecov:th/add-repo-checkout codecov:dependabot/github_actions/actions/github-script-8.0.0 codecov:release/wrapper/0.2.2 codecov:th/release-5.5.0 codecov:release/wrapper/0.2.0 codecov:release/wrapper/0.0.34 codecov:release/wrapper/0.0.33 codecov:th/test-skip-validation codecov:release/wrapper/0.0.32 codecov:th/bump-scripts-and-logging codecov:th/fix-exiting codecov:tony/test-upload-coverage-wrapper codecov:th/fix-readme-formatting codecov:th/test codecov:release/wrapper/0.0.26 codecov:release/wrapper/0.0.25 codecov:th/do-not-merge codecov:release/wrapper/0.0.24 codecov:release/wrapper/0.0.23 codecov:v3 codecov:3.x codecov:snyk-fix-801131c752fa26ddd6a0256378a7dffa codecov:thomasrockhu-patch-1 codecov:fail-ci-test codecov:1.3.2 codecov:working-dir-fix codecov:1.1.0 codecov:update-name-default codecov:timeouts codecov:test-action codecov:retry-bash codecov:branch-support codecov:add-fail-input codecov:node-action
codecov:v5.5.1 codecov:v5 codecov:v5.5.0 codecov:v5.4.3 codecov:v5.4.2 codecov:v5.4.1 codecov:v5.4.1-beta codecov:v5.4.0 codecov:v5.3.1 codecov:v5.3.0 codecov:v5.2.0 codecov:v5.1.2 codecov:v5.1.1 codecov:v5.1.0 codecov:v5.0.7 codecov:v5.0.6 codecov:v5.0.5 codecov:v5.0.4 codecov:v5.0.3 codecov:v5.0.2 codecov:v5.0.1 codecov:v5.0.0 codecov:v5.0.0-beta codecov:v5-beta codecov:v4.6.0 codecov:v4 codecov:v4.5.0 codecov:v4.4.1 codecov:v4.4.0 codecov:v4.3.1 codecov:v4.3.0 codecov:v4.2.0 codecov:v4.1.1 codecov:v4.1.0 codecov:v4.0.2 codecov:v4.0.1 codecov:v4.0.0 codecov:v3.1.6 codecov:v3 codecov:v3.1.5 codecov:v4.0.0-beta.3 codecov:v4-beta codecov:v4.0.0-beta.2 codecov:v4.0.0-beta.1 codecov:v3.1.4 codecov:v3.1.3 codecov:v3.1.2 codecov:v3.1.1 codecov:v3.1.0 codecov:v3.0.0 codecov:v2.1.0 codecov:v2 codecov:v2.0.3 codecov:v2.0.2 codecov:v2.0.1 codecov:v2.0.0 codecov:2.0.0 codecov:v1.5.2 codecov:v1 codecov:v1.5.1 codecov:v1.5.0 codecov:v1.4.1 codecov:v1.4.0 codecov:v1.3.2 codecov:v1.3.1 codecov:v1.3.0 codecov:v1.2.2 codecov:v1.2.1 codecov:v1.2.0 codecov:v1.1.1 codecov:v1.1.0 codecov:v1.0.15 codecov:v1.0.14 codecov:v1.0.13 codecov:v1.0.12 codecov:v1.0.11 codecov:v1.0.10 codecov:v1.0.9 codecov:v1.0.8 codecov:v1.0.7 codecov:v1.0.6 codecov:v1.0.5 codecov:v1.0.4 codecov:v1.0.3 codecov:v1.0.2 codecov:v1.0.1 codecov:1.0.1 codecov:v1.0.0 codecov:v0.5.1 codecov:v0.5 codecov:v0.4.1 codecov:v0.4 codecov:v0.3 codecov:v0.2.1 codecov:v0.2 codecov:v0.1

1 Commits
v4.2.0 ... thomasrock

Author SHA1 Message Date
Tom Hu
07b62770b8 Create README.md 2021-07-23 09:51:05 -07:00
25 changed files with 13694 additions and 38231 deletions
Expand all files Collapse all files

1
.eslintrc.json
View File

@@ -17,7 +17,6 @@
"@typescript-eslint"
],
"rules": {
"max-len": ["error", { "code": 120 }],
"linebreak-style": 0
}
}

69
.github/workflows/codeql-analysis.yml vendored
View File

@@ -1,69 +0,0 @@
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"
on:
push:
branches: [ master ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ master ]
schedule:
- cron: '24 6 * * 5'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'javascript' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://git.io/codeql-language-support
steps:
- name: Checkout repository
uses: actions/checkout@v4.1.2
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3.24.9
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3.24.9
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3.24.9

14
.github/workflows/enforce-license-compliance.yml vendored
View File

@@ -1,14 +0,0 @@
name: Enforce License Compliance
on:
pull_request:
branches: [main, master]
jobs:
enforce-license-compliance:
runs-on: ubuntu-latest
steps:
- name: 'Enforce License Compliance'
uses: getsentry/action-enforce-license-compliance@57ba820387a1a9315a46115ee276b2968da51f3d # main
with:
fossa_api_key: ${{ secrets.FOSSA_API_KEY }}

79
.github/workflows/main.yml vendored
View File

@@ -1,14 +1,35 @@
name: Workflow for Codecov Action
on: [push, pull_request]
jobs:
no-deps:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Upload coverage to Codecov (script)
uses: ./
with:
files: ./coverage/script/coverage-final.json
flags: script,${{ matrix.os }}
name: codecov-script
- name: Upload coverage to Codecov (demo)
uses: ./
with:
files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json
file: ./coverage/coverage-final.json
flags: demo,${{ matrix.os }}
name: codecov-demo
run:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [macos-latest, windows-latest, ubuntu-latest, macos-latest-xlarge]
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v4.1.2
uses: actions/checkout@v2
- name: Install dependencies
run: npm install
- name: Lint
@@ -21,8 +42,6 @@ jobs:
files: ./coverage/script/coverage-final.json
flags: script,${{ matrix.os }}
name: codecov-script
verbose: true
token: ${{ secrets.CODECOV_TOKEN }}
- name: Upload coverage to Codecov (demo)
uses: ./
with:
@@ -30,55 +49,3 @@ jobs:
file: ./coverage/coverage-final.json
flags: demo,${{ matrix.os }}
name: codecov-demo
verbose: true
token: ${{ secrets.CODECOV_TOKEN }}
- name: Upload coverage to Codecov (version)
uses: ./
with:
files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json
file: ./coverage/coverage-final.json
flags: version,${{ matrix.os }}
name: codecov-version
version: v0.2.0
verbose: true
token: ${{ secrets.CODECOV_TOKEN }}
run-container:
runs-on: ubuntu-latest
container: node:18
steps:
- name: Checkout
uses: actions/checkout@v4.1.2
- name: Install dependencies
run: npm install
- name: Lint
run: npm run lint
- name: Run tests and collect coverage
run: npm run test
- name: Upload coverage to Codecov (script)
uses: ./
with:
files: ./coverage/script/coverage-final.json
flags: script,${{ matrix.os }}
name: codecov-script
verbose: true
token: ${{ secrets.CODECOV_TOKEN }}
- name: Upload coverage to Codecov (demo)
uses: ./
with:
files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json
file: ./coverage/coverage-final.json
flags: demo,${{ matrix.os }}
name: codecov-demo
verbose: true
token: ${{ secrets.CODECOV_TOKEN }}
- name: Upload coverage to Codecov (version)
uses: ./
with:
files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json
file: ./coverage/coverage-final.json
flags: version,${{ matrix.os }}
name: codecov-version
version: v0.2.0
verbose: true
token: ${{ secrets.CODECOV_TOKEN }}

61
.github/workflows/scorecards-analysis.yml vendored
View File

@@ -1,61 +0,0 @@
name: Scorecards supply-chain security
on:
# Only the default branch is supported.
branch_protection_rule:
schedule:
- cron: '43 20 * * 1'
push:
branches: [ master ]
# Declare default permissions as read only.
permissions: read-all
jobs:
analysis:
name: Scorecards analysis
runs-on: ubuntu-latest
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Used to receive a badge. (Upcoming feature)
id-token: write
actions: read
contents: read
steps:
- name: "Checkout code"
uses: actions/checkout@v4.1.2 # v3.0.0
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
with:
results_file: results.sarif
results_format: sarif
# (Optional) Read-only PAT token. Uncomment the `repo_token` line below if:
# - you want to enable the Branch-Protection check on a *public* repository, or
# - you are installing Scorecards on a *private* repository
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
# repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
# Publish the results for public repositories to enable scorecard badges. For more details, see
# https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories, `publish_results` will automatically be set to `false`, regardless
# of the value entered here.
publish_results: true
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: SARIF file
path: results.sarif
retention-days: 5
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@v3.24.9 # v1.0.26
with:
sarif_file: results.sarif

168
CHANGELOG.md
View File

@@ -1,171 +1,3 @@
## 4.0.0-beta.2
### Fixes
- #1085 not adding -n if empty to do-upload command
## 4.0.0-beta.1
`v4` represents a move from the [universal uploader](https://github.com/codecov/uploader) to the [Codecov CLI](https://github.com/codecov/codecov-cli). Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.
### Breaking Changes
- No current support for `aarch64` and `alpine` architectures.
- Tokenless uploading is unsuported
- Various arguments to the Action have been removed
## 3.1.4
### Fixes
- #967 Fix typo in README.md
- #971 fix: add back in working dir
- #969 fix: CLI option names for uploader
### Dependencies
- #970 build(deps-dev): bump @types/node from 18.15.12 to 18.16.3
- #979 build(deps-dev): bump @types/node from 20.1.0 to 20.1.2
- #981 build(deps-dev): bump @types/node from 20.1.2 to 20.1.4
## 3.1.3
### Fixes
- #960 fix: allow for aarch64 build
### Dependencies
- #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
- #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
- #959 build(deps-dev): bump @types/node from 18.15.10 to 18.15.12
## 3.1.2
### Fixes
- #718 Update README.md
- #851 Remove unsupported path_to_write_report argument
- #898 codeql-analysis.yml
- #901 Update README to contain correct information - inputs and negate feature
- #955 fix: add in all the extra arguments for uploader
### Dependencies
- #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
- #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
- #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
- #841 build(deps): bump @actions/core from 1.9.1 to 1.10.0
- #843 build(deps): bump @actions/github from 5.0.3 to 5.1.1
- #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
- #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
- #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2
- #889 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2
- #895 build(deps): bump json5 from 2.2.1 to 2.2.3
- #896 build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2
- #900 build(deps-dev): bump @vercel/ncc from 0.34.0 to 0.36.1
- #905 build(deps-dev): bump typescript from 4.7.4 to 4.9.5
- #911 build(deps-dev): bump @types/node from 16.11.40 to 18.13.0
- #922 build(deps-dev): bump @types/node from 18.13.0 to 18.14.0
- #924 build(deps): bump openpgp from 5.5.0 to 5.7.0
- #927 build(deps-dev): bump @types/node from 18.14.0 to 18.14.2
- #933 build(deps-dev): bump @types/node from 18.14.2 to 18.14.6
- #937 build(deps-dev): bump @types/node from 18.14.6 to 18.15.0
- #938 build(deps): bump node-fetch from 3.3.0 to 3.3.1
- #945 build(deps-dev): bump @types/node from 18.15.0 to 18.15.5
- #946 build(deps-dev): bump @types/node from 18.15.5 to 18.15.6
- #947 build(deps-dev): bump @types/node from 18.15.6 to 18.15.10
- #951 build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
## 3.1.1
### Fixes
- #661 Update deprecation warning
- #593 Create codeql-analysis.yml
- #712 README: fix typo
- #725 fix: Remove a blank row
- #726 Update README.md with correct badge version
- #633 Create scorecards-analysis.yml
- #747 fix: add more verbosity to validation
- #750 Regenerate scorecards-analysis.yml
- #774 Switch to v3
- #783 Fix network entry in table
- #791 Trim arguments after splitting them
- #769 Plumb failCi into verification function.
### Dependencies
- #713 build(deps-dev): bump typescript from 4.6.3 to 4.6.4
- #714 build(deps): bump node-fetch from 3.2.3 to 3.2.4
- #724 build(deps): bump github/codeql-action from 1 to 2
- #717 build(deps-dev): bump @types/jest from 27.4.1 to 27.5.0
- #729 build(deps-dev): bump @types/node from 17.0.25 to 17.0.33
- #734 build(deps-dev): downgrade @types/node to 16.11.35
- #723 build(deps): bump actions/checkout from 2 to 3
- #733 build(deps): bump @actions/github from 5.0.1 to 5.0.3
- #732 build(deps): bump @actions/core from 1.6.0 to 1.8.2
- #737 build(deps-dev): bump @types/node from 16.11.35 to 16.11.36
- #749 build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0
- #755 build(deps-dev): bump typescript from 4.6.4 to 4.7.3
- #759 build(deps-dev): bump @types/node from 16.11.36 to 16.11.39
- #762 build(deps-dev): bump @types/node from 16.11.39 to 16.11.40
- #746 build(deps-dev): bump @vercel/ncc from 0.33.4 to 0.34.0
- #757 build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1
- #760 build(deps): bump openpgp from 5.2.1 to 5.3.0
- #748 build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0
- #766 build(deps-dev): bump typescript from 4.7.3 to 4.7.4
- #799 build(deps): bump openpgp from 5.3.0 to 5.4.0
- #798 build(deps): bump @actions/core from 1.8.2 to 1.9.1
## 3.1.0
### Features
- #699 Incorporate `xcode` arguments for the Codecov uploader
### Dependencies
- #694 build(deps-dev): bump @vercel/ncc from 0.33.3 to 0.33.4
- #696 build(deps-dev): bump @types/node from 17.0.23 to 17.0.25
- #698 build(deps-dev): bump jest-junit from 13.0.0 to 13.2.0
## 3.0.0
### Breaking Changes
- #689 Bump to node16 and small fixes
### Features
- #688 Incorporate `gcov` arguments for the Codecov uploader
### Dependencies
- #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
- #603 [Snyk] Upgrade @actions/core from 1.5.0 to 1.6.0
- #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
- #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
- #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
- #652 build(deps-dev): bump @vercel/ncc from 0.30.0 to 0.33.3
- #653 build(deps-dev): bump @types/node from 16.11.21 to 17.0.18
- #659 build(deps-dev): bump @types/jest from 27.4.0 to 27.4.1
- #667 build(deps): bump actions/checkout from 2 to 3
- #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
- #683 build(deps): bump minimist from 1.2.5 to 1.2.6
- #685 build(deps): bump @actions/github from 5.0.0 to 5.0.1
- #681 build(deps-dev): bump @types/node from 17.0.18 to 17.0.23
- #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
- #676 build(deps): bump @actions/exec from 1.1.0 to 1.1.1
- #675 build(deps): bump openpgp from 5.1.0 to 5.2.1
## 2.1.0
### Features
- #515 Allow specifying version of Codecov uploader
### Dependencies
- #499 build(deps-dev): bump @vercel/ncc from 0.29.0 to 0.30.0
- #508 build(deps): bump openpgp from 5.0.0-5 to 5.0.0
- #514 build(deps-dev): bump @types/node from 16.6.0 to 16.9.0
## 2.0.3
### Fixes
- #464 Fix wrong link in the readme
- #485 fix: Add override OS and linux default to platform
### Dependencies
- #447 build(deps): bump openpgp from 5.0.0-4 to 5.0.0-5
- #458 build(deps-dev): bump eslint from 7.31.0 to 7.32.0
- #465 build(deps-dev): bump @typescript-eslint/eslint-plugin from 4.28.4 to 4.29.1
- #466 build(deps-dev): bump @typescript-eslint/parser from 4.28.4 to 4.29.1
- #468 build(deps-dev): bump @types/jest from 26.0.24 to 27.0.0
- #470 build(deps-dev): bump @types/node from 16.4.0 to 16.6.0
- #472 build(deps): bump path-parse from 1.0.6 to 1.0.7
- #473 build(deps-dev): bump @types/jest from 27.0.0 to 27.0.1
- #478 build(deps-dev): bump @typescript-eslint/parser from 4.29.1 to 4.29.2
- #479 build(deps-dev): bump @typescript-eslint/eslint-plugin from 4.29.1 to 4.29.2
- #481 build(deps-dev): bump @types/node from 16.6.0 to 16.6.2
- #483 build(deps-dev): bump @vercel/ncc from 0.29.0 to 0.29.2
- #484 build(deps): bump @actions/core from 1.4.0 to 1.5.0
## 2.0.2
### Fixes
- Underlying uploader fixes issues with tokens not being sent properly for users seeing

8
Makefile
View File

@@ -1,7 +1,7 @@
deploy:
$(eval VERSION := $(shell cat package.json | grep '"version": ' | cut -d\" -f4))
git tag -d v4
git push origin :v4
git tag v4
git tag v$(VERSION) -s -m ""
git tag -d v2
git push origin :v2
git tag v2
git tag v$(VERSION) -m ""
git push origin --tags

127
README.md
View File

@@ -1,119 +1,79 @@
# Codecov GitHub Action
[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v4-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v2-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action?ref=badge_shield)
[![Workflow for Codecov Action](https://github.com/codecov/codecov-action/actions/workflows/main.yml/badge.svg)](https://github.com/codecov/codecov-action/actions/workflows/main.yml)
### Easily upload coverage reports to Codecov from GitHub Actions
## v4 Release
`v4` of the Codecov GitHub Action will use the [Codecov CLI](https://github.com/codecov/codecov-cli) to upload coverage reports to Codecov.
>The latest release of this Action adds support for tokenless uploads from GitHub Actions!
### Breaking Changes
- Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token)
- Various arguments to the Action have been removed
## ⚠️ Deprecration of v1
**On February 1, 2022, this version will be fully sunset and no longer function**
### Dependabot
- For repositories using `Dependabot`, users will need to ensure that it has access to the Codecov token for PRs from Dependabot to upload coverage. To do this, please add your `CODECOV_TOKEN` as a Dependabot Secret. For more information, see ["Configuring access to private registries for Dependabot."](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#storing-credentials-for-dependabot-to-use)
Due to the [deprecation](https://about.codecov.io/blog/introducting-codecovs-new-uploader/) of the underlying bash uploader,
the Codecov GitHub Action has released `v2` which will use the new [uploader](https://github.com/codecov/uploader). You can learn
more about our deprecation plan and the new uploader on our [blog](https://about.codecov.io/blog/introducing-codecovs-new-uploader/).
`v3` versions and below will not have access to CLI features (e.g. global upload token, ATS).
We will be restricting any updates to the `v1` Action to security updates and hotfixes.
### Migration from `v1` to `v2`
The `v2` uploader has a few breaking changes for users
- Multiple fields have not been transferred from the bash uploader or have been deprecated. Notably
many of the `functionalities` and `gcov_` arguments have been removed. Please check the documentation
below for the full list.
## Usage
To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v4` is recommended) as a `step` within your `workflow.yml` file.
To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v2` is recommended) as a `step` within your `workflow.yml` file.
This Action also requires you to [provide an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) from [codecov.io](https://www.codecov.io) (tip: in order to avoid exposing your token, [store it](https://docs.codecov.com/docs/adding-the-codecov-token#github-actions) as a `secret`).
Currently, the Action will identify linux, macos, and windows runners. However, the Action may misidentify other architectures. The OS can be specified as
- alpine
- alpine-arm64
- linux
- linux-arm64
- macos
- windows
If you have a *private repository*, this Action also requires you to [provide an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) from [codecov.io](https://www.codecov.io) (tip: in order to avoid exposing your token, store it as a `secret`). Optionally, you can choose to include up to four additional inputs to customize the upload context. **For public repositories, no token is needed**
Inside your `.github/workflows/workflow.yml` file:
```yaml
steps:
- uses: actions/checkout@master
- uses: codecov/codecov-action@v4
- uses: codecov/codecov-action@v2
with:
fail_ci_if_error: true # optional (default = false)
token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
files: ./coverage1.xml,./coverage2.xml # optional
flags: unittests # optional
name: codecov-umbrella # optional
token: ${{ secrets.CODECOV_TOKEN }} # required
verbose: true # optional (default = false)
```
The Codecov token can also be passed in via environment variables:
```yaml
steps:
- uses: actions/checkout@master
- uses: codecov/codecov-action@v4
with:
fail_ci_if_error: true # optional (default = false)
files: ./coverage1.xml,./coverage2.xml # optional
flags: unittests # optional
name: codecov-umbrella # optional
verbose: true # optional (default = false)
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
```
> [!NOTE]
> This assumes that you've set your Codecov token inside *Settings > Secrets* as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are *not* available to forks of repositories.
### Using OIDC
For users with [OpenID Connect(OIDC) enabled](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect), the Codecov token is not necessary. You can use OIDC with the `use_oidc` argument as following.
```yaml
- uses: codecov/codecov-action@v4
with:
use_oidc: true
```
Any token supplied will be ignored, as Codecov will default to the OIDC token for verification.
>**Note**: This assumes that you've set your Codecov token inside *Settings > Secrets* as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are *not* available to forks of repositories.
## Arguments
Codecov's Action supports inputs from the user. These inputs, along with their descriptions and usage contexts, are listed in the table below:
Codecov's Action currently supports five inputs from the user: `token`, `file`, `flags`,`name`, and `fail_ci_if_error`. These inputs, along with their descriptions and usage contexts, are listed in the table below:
| Input | Description | Required |
| :--- | :--- | :---: |
| `token` | Repository Codecov token. Used to authorize report uploads | *Required
| `codecov_yml_path` | Specify the path to the Codecov YML | Optional
| `commit_parent` | Override to specify the parent commit SHA | Optional
| Input | Description | Usage |
| :---: | :---: | :---: |
| `token` | Used to authorize coverage report uploads | *Required for private repos* |
| `files` | Comma-separated paths to the coverage report(s) | Optional
| `directory` | Directory to search for coverage reports. | Optional
| `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the --file option. | Optional
| `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets) | Optional
| `dry_run` | Don't upload files to Codecov | Optional
| `env_vars` | Environment variables to tag the upload with (e.g. PYTHON \| OS,PYTHON) | Optional
| `exclude` | Folders to exclude from search | Optional
| `fail_ci_if_error` | Specify whether or not CI build should fail if Codecov runs into an error during upload | Optional
| `file` | Path to coverage file to upload | Optional
| `files` | Comma-separated list of files to upload | Optional
| `flags` | Flag upload to group coverage metrics (e.g. unittests \| integration \| ui,chrome) | Optional
| `handle_no_reports_found` | Raise no exceptions when no coverage reports found | Optional
| `job_code` | The job code | Optional
| `name` | User defined upload name. Visible in Codecov UI | Optional
| `os` | Override the assumed OS. Options are linux \| macos \| windows \| . | Optional
| `flags` | Flag the upload to group coverage metrics (unittests, uitests, etc.). Multiple flags are separated by a comma (ui,chrome) | Optional
| | |
| `commit_parent` | The commit SHA of the parent for which you are uploading coverage. If not present, the parent will be determined using the API of your repository provider. When using the repository provider's API, the parent is determined via finding the closest ancestor to the commit. | Optional
| `env_vars` | Environment variables to tag the upload with. Multiple env variables can be separated with commas (e.g. `OS,PYTHON`) | Optional
| `fail_ci_if_error` | Specify if CI pipeline should fail when Codecov runs into errors during upload. *Defaults to **false*** | Optional
-| `functionalities` | Toggle functionalities | Optional
-| | `network` Disable uploading the file network |
| `move_coverage_to_trash` | Move discovered coverage reports to the trash | Optional
| `name` | Custom defined name for the upload | Optional
| `override_branch` | Specify the branch name | Optional
| `override_build` | Specify the build number | Optional
| `override_build_url` | The URL of the build where this is running | Optional
| `override_commit` | Specify the commit SHA | Optional
| `override_pr` | Specify the pull request number | Optional
| `plugin` | plugins to run. Options: xcode, gcov, pycoverage. The default behavior runs them all. | Optional
| `plugins` | Comma-separated list of plugins for use during upload. | Optional
| `report_code` | The code of the report. If unsure, do not include | Optional
| `root_dir` | Used to specify the location of your .git root to identify project root directory | Optional
| `override_tag` | Specify the git tag | Optional
| `path_to_write_report` | Write upload file to path before uploading | Optional
| `root_dir` | Used when not in git/hg project to identify project root directory | Optional
| `slug` | Specify the slug manually (Enterprise use) | Optional
| `url` | Specify the base url to upload (Enterprise use) | Optional
| `use_legacy_upload_endpoint` | Use the legacy upload endpoint | Optional
| `use_oidc` | Use OpenID Connect for verification instead of token. This will ignore any token supplied. Please see [GitHub documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect) for details.
| `url` | Change the upload host (Enterprise use) | Optional
| `verbose` | Specify whether the Codecov output should be verbose | Optional
| `version` | Specify which version of the Codecov CLI should be used. Defaults to `latest` | Optional
| `working-directory` | Directory in which to execute codecov.sh | Optional
| `working-directory` | Directory in which to execute `codecov.sh` | Optional
### Example `workflow.yml` with Codecov Action
@@ -128,28 +88,29 @@ jobs:
os: [ubuntu-latest, macos-latest, windows-latest]
env:
OS: ${{ matrix.os }}
PYTHON: '3.10'
PYTHON: '3.7'
steps:
- uses: actions/checkout@master
- name: Setup Python
uses: actions/setup-python@master
with:
python-version: 3.10
python-version: 3.7
- name: Generate coverage report
run: |
pip install pytest
pip install pytest-cov
pytest --cov=./ --cov-report=xml
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
uses: codecov/codecov-action@v2
with:
token: ${{ secrets.CODECOV_TOKEN }}
directory: ./coverage/reports/
env_vars: OS,PYTHON
fail_ci_if_error: true
files: ./coverage1.xml,./coverage2.xml,!./cache
files: ./coverage1.xml,./coverage2.xml
flags: unittests
name: codecov-umbrella
token: ${{ secrets.CODECOV_TOKEN }}
path_to_write_report: ./coverage/codecov_report.txt
verbose: true
```
## Contributing

69
action.yml
View File

@@ -3,25 +3,19 @@ description: 'GitHub Action that uploads coverage reports for your repository to
author: 'Ibrahim Ali <@ibrahim0814> & Thomas Hu <@thomasrockhu> | Codecov'
inputs:
token:
description: 'Repository Codecov token. Used to authorize report uploads'
description: 'Repository upload token - get it from codecov.io. Required only for private repositories'
required: false
codecov_yml_path:
description: 'Specify the path to the Codecov YML'
required: false
commit_parent:
description: 'Override to specify the parent commit SHA'
files:
description: 'Comma-separated list of files to upload'
required: false
directory:
description: 'Directory to search for coverage reports.'
required: false
disable_file_fixes:
description: 'Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets)'
flags:
description: 'Flag upload to group coverage metrics (e.g. unittests | integration | ui,chrome)'
required: false
disable_search:
description: 'Disable search for coverage files. This is helpful when specifying what files you want to upload with the --file option.'
required: false
disable_safe_directory:
description: 'Disable setting safe directory. Set to true to disable.'
commit_parent:
description: 'The commit SHA of the parent for which you are uploading coverage. If not present, the parent will be determined using the API of your repository provider. When using the repository providers API, the parent is determined via finding the closest ancestor to the commit.'
required: false
dry_run:
description: "Don't upload files to Codecov"
@@ -29,59 +23,35 @@ inputs:
env_vars:
description: 'Environment variables to tag the upload with (e.g. PYTHON | OS,PYTHON)'
required: false
exclude:
description: 'Folders to exclude from search'
required: false
fail_ci_if_error:
description: 'Specify whether or not CI build should fail if Codecov runs into an error during upload'
required: false
file:
description: 'Path to coverage file to upload'
required: false
files:
description: 'Comma-separated list of files to upload'
functionalities:
description: 'Comma-separated list, see the README for options and their usage'
required: false
flags:
description: 'Flag upload to group coverage metrics (e.g. unittests | integration | ui,chrome)'
required: false
git_service:
description: 'Override the git_service (e.g. github_enterprise)'
required: false
handle_no_reports_found:
description: 'Raise no exceptions when no coverage reports found'
required: false
job_code:
description: 'The job code'
move_coverage_to_trash:
description: 'Move discovered coverage reports to the trash'
required: false
name:
description: 'User defined upload name. Visible in Codecov UI'
required: false
os:
description: 'Override the assumed OS. Options are linux | macos | windows.'
required: false
override_branch:
description: 'Specify the branch name'
required: false
override_build:
description: 'Specify the build number'
required: false
override_build_url:
description: 'The URL of the build where this is running'
required: false
override_commit:
description: 'Specify the commit SHA'
required: false
override_pr:
description: 'Specify the pull request number'
required: false
plugin:
description: 'plugins to run. Options: xcode, gcov, pycoverage. The default behavior runs them all.'
required: false
plugins:
description: 'Comma-separated list of plugins for use during upload.'
required: false
report_code:
description: 'The code of the report. If unsure, do not include'
override_tag:
description: 'Specify the git tag'
required: false
root_dir:
description: 'Used when not in git/hg project to identify project root directory'
@@ -90,20 +60,11 @@ inputs:
description: 'Specify the slug manually (Enterprise use)'
required: false
url:
description: 'Specify the base url to upload (Enterprise use)'
required: false
use_legacy_upload_endpoint:
description: 'Use the legacy upload endpoint'
required: false
use_oidc:
description: 'Use OIDC instead of token. This will ignore any token supplied'
description: 'Change the upload host (Enterprise use)'
required: false
verbose:
description: 'Specify whether the Codecov output should be verbose'
required: false
version:
description: 'Specify which version of the Codecov CLI should be used. Defaults to `latest`'
required: false
working-directory:
description: 'Directory in which to execute codecov.sh'
required: false
@@ -111,5 +72,5 @@ branding:
color: 'red'
icon: 'umbrella'
runs:
using: 'node20'
using: 'node12'
main: 'dist/index.js'

453
dist/37.index.js vendored
View File

@@ -1,453 +0,0 @@
"use strict";
exports.id = 37;
exports.ids = [37];
exports.modules = {
/***/ 4037:
/***/ ((__unused_webpack___webpack_module__, __webpack_exports__, __webpack_require__) => {
__webpack_require__.r(__webpack_exports__);
/* harmony export */ __webpack_require__.d(__webpack_exports__, {
/* harmony export */ "toFormData": () => (/* binding */ toFormData)
/* harmony export */ });
/* harmony import */ var fetch_blob_from_js__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(2777);
/* harmony import */ var formdata_polyfill_esm_min_js__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(8010);
let s = 0;
const S = {
START_BOUNDARY: s++,
HEADER_FIELD_START: s++,
HEADER_FIELD: s++,
HEADER_VALUE_START: s++,
HEADER_VALUE: s++,
HEADER_VALUE_ALMOST_DONE: s++,
HEADERS_ALMOST_DONE: s++,
PART_DATA_START: s++,
PART_DATA: s++,
END: s++
};
let f = 1;
const F = {
PART_BOUNDARY: f,
LAST_BOUNDARY: f *= 2
};
const LF = 10;
const CR = 13;
const SPACE = 32;
const HYPHEN = 45;
const COLON = 58;
const A = 97;
const Z = 122;
const lower = c => c | 0x20;
const noop = () => {};
class MultipartParser {
/**
* @param {string} boundary
*/
constructor(boundary) {
this.index = 0;
this.flags = 0;
this.onHeaderEnd = noop;
this.onHeaderField = noop;
this.onHeadersEnd = noop;
this.onHeaderValue = noop;
this.onPartBegin = noop;
this.onPartData = noop;
this.onPartEnd = noop;
this.boundaryChars = {};
boundary = '\r\n--' + boundary;
const ui8a = new Uint8Array(boundary.length);
for (let i = 0; i < boundary.length; i++) {
ui8a[i] = boundary.charCodeAt(i);
this.boundaryChars[ui8a[i]] = true;
}
this.boundary = ui8a;
this.lookbehind = new Uint8Array(this.boundary.length + 8);
this.state = S.START_BOUNDARY;
}
/**
* @param {Uint8Array} data
*/
write(data) {
let i = 0;
const length_ = data.length;
let previousIndex = this.index;
let {lookbehind, boundary, boundaryChars, index, state, flags} = this;
const boundaryLength = this.boundary.length;
const boundaryEnd = boundaryLength - 1;
const bufferLength = data.length;
let c;
let cl;
const mark = name => {
this[name + 'Mark'] = i;
};
const clear = name => {
delete this[name + 'Mark'];
};
const callback = (callbackSymbol, start, end, ui8a) => {
if (start === undefined || start !== end) {
this[callbackSymbol](ui8a && ui8a.subarray(start, end));
}
};
const dataCallback = (name, clear) => {
const markSymbol = name + 'Mark';
if (!(markSymbol in this)) {
return;
}
if (clear) {
callback(name, this[markSymbol], i, data);
delete this[markSymbol];
} else {
callback(name, this[markSymbol], data.length, data);
this[markSymbol] = 0;
}
};
for (i = 0; i < length_; i++) {
c = data[i];
switch (state) {
case S.START_BOUNDARY:
if (index === boundary.length - 2) {
if (c === HYPHEN) {
flags |= F.LAST_BOUNDARY;
} else if (c !== CR) {
return;
}
index++;
break;
} else if (index - 1 === boundary.length - 2) {
if (flags & F.LAST_BOUNDARY && c === HYPHEN) {
state = S.END;
flags = 0;
} else if (!(flags & F.LAST_BOUNDARY) && c === LF) {
index = 0;
callback('onPartBegin');
state = S.HEADER_FIELD_START;
} else {
return;
}
break;
}
if (c !== boundary[index + 2]) {
index = -2;
}
if (c === boundary[index + 2]) {
index++;
}
break;
case S.HEADER_FIELD_START:
state = S.HEADER_FIELD;
mark('onHeaderField');
index = 0;
// falls through
case S.HEADER_FIELD:
if (c === CR) {
clear('onHeaderField');
state = S.HEADERS_ALMOST_DONE;
break;
}
index++;
if (c === HYPHEN) {
break;
}
if (c === COLON) {
if (index === 1) {
// empty header field
return;
}
dataCallback('onHeaderField', true);
state = S.HEADER_VALUE_START;
break;
}
cl = lower(c);
if (cl < A || cl > Z) {
return;
}
break;
case S.HEADER_VALUE_START:
if (c === SPACE) {
break;
}
mark('onHeaderValue');
state = S.HEADER_VALUE;
// falls through
case S.HEADER_VALUE:
if (c === CR) {
dataCallback('onHeaderValue', true);
callback('onHeaderEnd');
state = S.HEADER_VALUE_ALMOST_DONE;
}
break;
case S.HEADER_VALUE_ALMOST_DONE:
if (c !== LF) {
return;
}
state = S.HEADER_FIELD_START;
break;
case S.HEADERS_ALMOST_DONE:
if (c !== LF) {
return;
}
callback('onHeadersEnd');
state = S.PART_DATA_START;
break;
case S.PART_DATA_START:
state = S.PART_DATA;
mark('onPartData');
// falls through
case S.PART_DATA:
previousIndex = index;
if (index === 0) {
// boyer-moore derrived algorithm to safely skip non-boundary data
i += boundaryEnd;
while (i < bufferLength && !(data[i] in boundaryChars)) {
i += boundaryLength;
}
i -= boundaryEnd;
c = data[i];
}
if (index < boundary.length) {
if (boundary[index] === c) {
if (index === 0) {
dataCallback('onPartData', true);
}
index++;
} else {
index = 0;
}
} else if (index === boundary.length) {
index++;
if (c === CR) {
// CR = part boundary
flags |= F.PART_BOUNDARY;
} else if (c === HYPHEN) {
// HYPHEN = end boundary
flags |= F.LAST_BOUNDARY;
} else {
index = 0;
}
} else if (index - 1 === boundary.length) {
if (flags & F.PART_BOUNDARY) {
index = 0;
if (c === LF) {
// unset the PART_BOUNDARY flag
flags &= ~F.PART_BOUNDARY;
callback('onPartEnd');
callback('onPartBegin');
state = S.HEADER_FIELD_START;
break;
}
} else if (flags & F.LAST_BOUNDARY) {
if (c === HYPHEN) {
callback('onPartEnd');
state = S.END;
flags = 0;
} else {
index = 0;
}
} else {
index = 0;
}
}
if (index > 0) {
// when matching a possible boundary, keep a lookbehind reference
// in case it turns out to be a false lead
lookbehind[index - 1] = c;
} else if (previousIndex > 0) {
// if our boundary turned out to be rubbish, the captured lookbehind
// belongs to partData
const _lookbehind = new Uint8Array(lookbehind.buffer, lookbehind.byteOffset, lookbehind.byteLength);
callback('onPartData', 0, previousIndex, _lookbehind);
previousIndex = 0;
mark('onPartData');
// reconsider the current character even so it interrupted the sequence
// it could be the beginning of a new sequence
i--;
}
break;
case S.END:
break;
default:
throw new Error(`Unexpected state entered: ${state}`);
}
}
dataCallback('onHeaderField');
dataCallback('onHeaderValue');
dataCallback('onPartData');
// Update properties for the next call
this.index = index;
this.state = state;
this.flags = flags;
}
end() {
if ((this.state === S.HEADER_FIELD_START && this.index === 0) ||
(this.state === S.PART_DATA && this.index === this.boundary.length)) {
this.onPartEnd();
} else if (this.state !== S.END) {
throw new Error('MultipartParser.end(): stream ended unexpectedly');
}
}
}
function _fileName(headerValue) {
// matches either a quoted-string or a token (RFC 2616 section 19.5.1)
const m = headerValue.match(/\bfilename=("(.*?)"|([^()<>@,;:\\"/[\]?={}\s\t]+))($|;\s)/i);
if (!m) {
return;
}
const match = m[2] || m[3] || '';
let filename = match.slice(match.lastIndexOf('\\') + 1);
filename = filename.replace(/%22/g, '"');
filename = filename.replace(/&#(\d{4});/g, (m, code) => {
return String.fromCharCode(code);
});
return filename;
}
async function toFormData(Body, ct) {
if (!/multipart/i.test(ct)) {
throw new TypeError('Failed to fetch');
}
const m = ct.match(/boundary=(?:"([^"]+)"|([^;]+))/i);
if (!m) {
throw new TypeError('no or bad content-type header, no multipart boundary');
}
const parser = new MultipartParser(m[1] || m[2]);
let headerField;
let headerValue;
let entryValue;
let entryName;
let contentType;
let filename;
const entryChunks = [];
const formData = new formdata_polyfill_esm_min_js__WEBPACK_IMPORTED_MODULE_1__/* .FormData */ .Ct();
const onPartData = ui8a => {
entryValue += decoder.decode(ui8a, {stream: true});
};
const appendToFile = ui8a => {
entryChunks.push(ui8a);
};
const appendFileToFormData = () => {
const file = new fetch_blob_from_js__WEBPACK_IMPORTED_MODULE_0__/* .File */ .$B(entryChunks, filename, {type: contentType});
formData.append(entryName, file);
};
const appendEntryToFormData = () => {
formData.append(entryName, entryValue);
};
const decoder = new TextDecoder('utf-8');
decoder.decode();
parser.onPartBegin = function () {
parser.onPartData = onPartData;
parser.onPartEnd = appendEntryToFormData;
headerField = '';
headerValue = '';
entryValue = '';
entryName = '';
contentType = '';
filename = null;
entryChunks.length = 0;
};
parser.onHeaderField = function (ui8a) {
headerField += decoder.decode(ui8a, {stream: true});
};
parser.onHeaderValue = function (ui8a) {
headerValue += decoder.decode(ui8a, {stream: true});
};
parser.onHeaderEnd = function () {
headerValue += decoder.decode();
headerField = headerField.toLowerCase();
if (headerField === 'content-disposition') {
// matches either a quoted-string or a token (RFC 2616 section 19.5.1)
const m = headerValue.match(/\bname=("([^"]*)"|([^()<>@,;:\\"/[\]?={}\s\t]+))/i);
if (m) {
entryName = m[2] || m[3] || '';
}
filename = _fileName(headerValue);
if (filename) {
parser.onPartData = appendToFile;
parser.onPartEnd = appendFileToFormData;
}
} else if (headerField === 'content-type') {
contentType = headerValue;
}
headerValue = '';
headerField = '';
};
for await (const chunk of Body) {
parser.write(chunk);
}
parser.end();
return formData;
}
/***/ })
};
;
//# sourceMappingURL=37.index.js.map

1
dist/37.index.js.map vendored
View File

File diff suppressed because one or more lines are too long

453
dist/629.index.js vendored
View File

@@ -1,453 +0,0 @@
exports.id = 629;
exports.ids = [629];
exports.modules = {
/***/ 6629:
/***/ ((__unused_webpack___webpack_module__, __webpack_exports__, __webpack_require__) => {
"use strict";
__webpack_require__.r(__webpack_exports__);
/* harmony export */ __webpack_require__.d(__webpack_exports__, {
/* harmony export */ "toFormData": () => (/* binding */ toFormData)
/* harmony export */ });
/* harmony import */ var fetch_blob_from_js__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(4818);
/* harmony import */ var formdata_polyfill_esm_min_js__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(1402);
let s = 0;
const S = {
START_BOUNDARY: s++,
HEADER_FIELD_START: s++,
HEADER_FIELD: s++,
HEADER_VALUE_START: s++,
HEADER_VALUE: s++,
HEADER_VALUE_ALMOST_DONE: s++,
HEADERS_ALMOST_DONE: s++,
PART_DATA_START: s++,
PART_DATA: s++,
END: s++
};
let f = 1;
const F = {
PART_BOUNDARY: f,
LAST_BOUNDARY: f *= 2
};
const LF = 10;
const CR = 13;
const SPACE = 32;
const HYPHEN = 45;
const COLON = 58;
const A = 97;
const Z = 122;
const lower = c => c | 0x20;
const noop = () => {};
class MultipartParser {
/**
* @param {string} boundary
*/
constructor(boundary) {
this.index = 0;
this.flags = 0;
this.onHeaderEnd = noop;
this.onHeaderField = noop;
this.onHeadersEnd = noop;
this.onHeaderValue = noop;
this.onPartBegin = noop;
this.onPartData = noop;
this.onPartEnd = noop;
this.boundaryChars = {};
boundary = '\r\n--' + boundary;
const ui8a = new Uint8Array(boundary.length);
for (let i = 0; i < boundary.length; i++) {
ui8a[i] = boundary.charCodeAt(i);
this.boundaryChars[ui8a[i]] = true;
}
this.boundary = ui8a;
this.lookbehind = new Uint8Array(this.boundary.length + 8);
this.state = S.START_BOUNDARY;
}
/**
* @param {Uint8Array} data
*/
write(data) {
let i = 0;
const length_ = data.length;
let previousIndex = this.index;
let {lookbehind, boundary, boundaryChars, index, state, flags} = this;
const boundaryLength = this.boundary.length;
const boundaryEnd = boundaryLength - 1;
const bufferLength = data.length;
let c;
let cl;
const mark = name => {
this[name + 'Mark'] = i;
};
const clear = name => {
delete this[name + 'Mark'];
};
const callback = (callbackSymbol, start, end, ui8a) => {
if (start === undefined || start !== end) {
this[callbackSymbol](ui8a && ui8a.subarray(start, end));
}
};
const dataCallback = (name, clear) => {
const markSymbol = name + 'Mark';
if (!(markSymbol in this)) {
return;
}
if (clear) {
callback(name, this[markSymbol], i, data);
delete this[markSymbol];
} else {
callback(name, this[markSymbol], data.length, data);
this[markSymbol] = 0;
}
};
for (i = 0; i < length_; i++) {
c = data[i];
switch (state) {
case S.START_BOUNDARY:
if (index === boundary.length - 2) {
if (c === HYPHEN) {
flags |= F.LAST_BOUNDARY;
} else if (c !== CR) {
return;
}
index++;
break;
} else if (index - 1 === boundary.length - 2) {
if (flags & F.LAST_BOUNDARY && c === HYPHEN) {
state = S.END;
flags = 0;
} else if (!(flags & F.LAST_BOUNDARY) && c === LF) {
index = 0;
callback('onPartBegin');
state = S.HEADER_FIELD_START;
} else {
return;
}
break;
}
if (c !== boundary[index + 2]) {
index = -2;
}
if (c === boundary[index + 2]) {
index++;
}
break;
case S.HEADER_FIELD_START:
state = S.HEADER_FIELD;
mark('onHeaderField');
index = 0;
// falls through
case S.HEADER_FIELD:
if (c === CR) {
clear('onHeaderField');
state = S.HEADERS_ALMOST_DONE;
break;
}
index++;
if (c === HYPHEN) {
break;
}
if (c === COLON) {
if (index === 1) {
// empty header field
return;
}
dataCallback('onHeaderField', true);
state = S.HEADER_VALUE_START;
break;
}
cl = lower(c);
if (cl < A || cl > Z) {
return;
}
break;
case S.HEADER_VALUE_START:
if (c === SPACE) {
break;
}
mark('onHeaderValue');
state = S.HEADER_VALUE;
// falls through
case S.HEADER_VALUE:
if (c === CR) {
dataCallback('onHeaderValue', true);
callback('onHeaderEnd');
state = S.HEADER_VALUE_ALMOST_DONE;
}
break;
case S.HEADER_VALUE_ALMOST_DONE:
if (c !== LF) {
return;
}
state = S.HEADER_FIELD_START;
break;
case S.HEADERS_ALMOST_DONE:
if (c !== LF) {
return;
}
callback('onHeadersEnd');
state = S.PART_DATA_START;
break;
case S.PART_DATA_START:
state = S.PART_DATA;
mark('onPartData');
// falls through
case S.PART_DATA:
previousIndex = index;
if (index === 0) {
// boyer-moore derrived algorithm to safely skip non-boundary data
i += boundaryEnd;
while (i < bufferLength && !(data[i] in boundaryChars)) {
i += boundaryLength;
}
i -= boundaryEnd;
c = data[i];
}
if (index < boundary.length) {
if (boundary[index] === c) {
if (index === 0) {
dataCallback('onPartData', true);
}
index++;
} else {
index = 0;
}
} else if (index === boundary.length) {
index++;
if (c === CR) {
// CR = part boundary
flags |= F.PART_BOUNDARY;
} else if (c === HYPHEN) {
// HYPHEN = end boundary
flags |= F.LAST_BOUNDARY;
} else {
index = 0;
}
} else if (index - 1 === boundary.length) {
if (flags & F.PART_BOUNDARY) {
index = 0;
if (c === LF) {
// unset the PART_BOUNDARY flag
flags &= ~F.PART_BOUNDARY;
callback('onPartEnd');
callback('onPartBegin');
state = S.HEADER_FIELD_START;
break;
}
} else if (flags & F.LAST_BOUNDARY) {
if (c === HYPHEN) {
callback('onPartEnd');
state = S.END;
flags = 0;
} else {
index = 0;
}
} else {
index = 0;
}
}
if (index > 0) {
// when matching a possible boundary, keep a lookbehind reference
// in case it turns out to be a false lead
lookbehind[index - 1] = c;
} else if (previousIndex > 0) {
// if our boundary turned out to be rubbish, the captured lookbehind
// belongs to partData
const _lookbehind = new Uint8Array(lookbehind.buffer, lookbehind.byteOffset, lookbehind.byteLength);
callback('onPartData', 0, previousIndex, _lookbehind);
previousIndex = 0;
mark('onPartData');
// reconsider the current character even so it interrupted the sequence
// it could be the beginning of a new sequence
i--;
}
break;
case S.END:
break;
default:
throw new Error(`Unexpected state entered: ${state}`);
}
}
dataCallback('onHeaderField');
dataCallback('onHeaderValue');
dataCallback('onPartData');
// Update properties for the next call
this.index = index;
this.state = state;
this.flags = flags;
}
end() {
if ((this.state === S.HEADER_FIELD_START && this.index === 0) ||
(this.state === S.PART_DATA && this.index === this.boundary.length)) {
this.onPartEnd();
} else if (this.state !== S.END) {
throw new Error('MultipartParser.end(): stream ended unexpectedly');
}
}
}
function _fileName(headerValue) {
// matches either a quoted-string or a token (RFC 2616 section 19.5.1)
const m = headerValue.match(/\bfilename=("(.*?)"|([^()<>@,;:\\"/[\]?={}\s\t]+))($|;\s)/i);
if (!m) {
return;
}
const match = m[2] || m[3] || '';
let filename = match.slice(match.lastIndexOf('\\') + 1);
filename = filename.replace(/%22/g, '"');
filename = filename.replace(/&#(\d{4});/g, (m, code) => {
return String.fromCharCode(code);
});
return filename;
}
async function toFormData(Body, ct) {
if (!/multipart/i.test(ct)) {
throw new TypeError('Failed to fetch');
}
const m = ct.match(/boundary=(?:"([^"]+)"|([^;]+))/i);
if (!m) {
throw new TypeError('no or bad content-type header, no multipart boundary');
}
const parser = new MultipartParser(m[1] || m[2]);
let headerField;
let headerValue;
let entryValue;
let entryName;
let contentType;
let filename;
const entryChunks = [];
const formData = new formdata_polyfill_esm_min_js__WEBPACK_IMPORTED_MODULE_1__/* .FormData */ .Ct();
const onPartData = ui8a => {
entryValue += decoder.decode(ui8a, {stream: true});
};
const appendToFile = ui8a => {
entryChunks.push(ui8a);
};
const appendFileToFormData = () => {
const file = new fetch_blob_from_js__WEBPACK_IMPORTED_MODULE_0__/* .File */ .$B(entryChunks, filename, {type: contentType});
formData.append(entryName, file);
};
const appendEntryToFormData = () => {
formData.append(entryName, entryValue);
};
const decoder = new TextDecoder('utf-8');
decoder.decode();
parser.onPartBegin = function () {
parser.onPartData = onPartData;
parser.onPartEnd = appendEntryToFormData;
headerField = '';
headerValue = '';
entryValue = '';
entryName = '';
contentType = '';
filename = null;
entryChunks.length = 0;
};
parser.onHeaderField = function (ui8a) {
headerField += decoder.decode(ui8a, {stream: true});
};
parser.onHeaderValue = function (ui8a) {
headerValue += decoder.decode(ui8a, {stream: true});
};
parser.onHeaderEnd = function () {
headerValue += decoder.decode();
headerField = headerField.toLowerCase();
if (headerField === 'content-disposition') {
// matches either a quoted-string or a token (RFC 2616 section 19.5.1)
const m = headerValue.match(/\bname=("([^"]*)"|([^()<>@,;:\\"/[\]?={}\s\t]+))/i);
if (m) {
entryName = m[2] || m[3] || '';
}
filename = _fileName(headerValue);
if (filename) {
parser.onPartData = appendToFile;
parser.onPartEnd = appendFileToFormData;
}
} else if (headerField === 'content-type') {
contentType = headerValue;
}
headerValue = '';
headerField = '';
};
for await (const chunk of Body) {
parser.write(chunk);
}
parser.end();
return formData;
}
/***/ })
};
;
//# sourceMappingURL=629.index.js.map

1
dist/629.index.js.map vendored
View File

File diff suppressed because one or more lines are too long

38448
dist/index.js vendored Executable file → Normal file
View File

File diff suppressed because one or more lines are too long

2
dist/index.js.map vendored
View File

File diff suppressed because one or more lines are too long

2
dist/sourcemap-register.js vendored
View File

File diff suppressed because one or more lines are too long

10884
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

33
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "codecov-action",
"version": "4.2.0",
"version": "2.0.2",
"description": "Upload coverage reports to Codecov from GitHub Actions",
"main": "index.js",
"scripts": {
@@ -16,29 +16,30 @@
"url": "git+https://github.com/codecov/codecov-action.git"
},
"keywords": [],
"author": "Codecov",
"author": "Ibrahim Ali",
"license": "MIT",
"bugs": {
"url": "https://github.com/codecov/codecov-action/issues"
},
"homepage": "https://github.com/codecov/codecov-action#readme",
"dependencies": {
"@actions/core": "^1.10.1",
"@actions/exec": "^1.1.1",
"@actions/github": "^6.0.0",
"gpg": "^0.6.0",
"undici": "5.28.3"
"@actions/core": "^1.4.0",
"@actions/exec": "^1.1.0",
"@actions/github": "^5.0.0",
"node-fetch": "^2.6.1",
"openpgp": "^5.0.0-4"
},
"devDependencies": {
"@types/jest": "^29.5.12",
"@typescript-eslint/eslint-plugin": "^7.5.0",
"@typescript-eslint/parser": "^7.5.0",
"@vercel/ncc": "^0.38.1",
"eslint": "^8.57.0",
"@types/jest": "^26.0.24",
"@types/node": "^16.4.0",
"@typescript-eslint/eslint-plugin": "^4.28.4",
"@typescript-eslint/parser": "^4.28.4",
"@vercel/ncc": "^0.29.0",
"eslint": "^7.31.0",
"eslint-config-google": "^0.14.0",
"jest": "^29.7.0",
"jest-junit": "^16.0.0",
"ts-jest": "^29.1.2",
"typescript": "^5.4.3"
"jest": "^26.6.3",
"jest-junit": "^12.2.0",
"ts-jest": "^26.5.6",
"typescript": "^4.3.5"
}
}

249
src/buildExec.test.ts
View File

@@ -1,107 +1,74 @@
import * as github from '@actions/github';
import {
buildCommitExec,
buildGeneralExec,
buildReportExec,
buildUploadExec,
} from './buildExec';
import buildExec from './buildExec';
/* eslint-disable @typescript-eslint/no-var-requires */
const {version} = require('../package.json');
const context = github.context;
test('general args', async () => {
const envs = {
codecov_yml_path: 'dev/codecov.yml',
url: 'https://codecov.enterprise.com',
verbose: 't',
};
for (const env of Object.keys(envs)) {
process.env['INPUT_' + env.toUpperCase()] = envs[env];
}
test('no arguments', () => {
const {execArgs, failCi} = buildExec();
const {args, verbose} = await buildGeneralExec();
expect(args).toEqual(
expect.arrayContaining([
'--codecov-yml-path',
'dev/codecov.yml',
'--enterprise-url',
'https://codecov.enterprise.com',
'-v',
]));
expect(verbose).toBeTruthy();
for (const env of Object.keys(envs)) {
delete process.env['INPUT_' + env.toUpperCase()];
}
});
test('upload args using context', async () => {
const expectedArgs = [
'--git-service',
'github',
const args = [
'-n',
'',
'-Q',
`github-action-${version}`,
];
const {uploadExecArgs, uploadCommand} = await buildUploadExec();
if (context.eventName == 'pull_request') {
expectedArgs.push('-C', `${context.payload.pull_request.head.sha}`);
args.push('-C', `${context.payload.pull_request.head.sha}`);
}
if (context.eventName == 'pull_request_target') {
expectedArgs.push('-P', `${context.payload.number}`);
}
expect(uploadExecArgs).toEqual(expectedArgs);
expect(uploadCommand).toEqual('do-upload');
expect(execArgs).toEqual(args);
expect(failCi).toBeFalsy();
});
test('upload args', async () => {
test('all arguments', () => {
const envs = {
'codecov_yml_path': 'dev/codecov.yml',
'commit_parent': 'fakeparentcommit',
'commit_parent': '83231650328f11695dfb754ca0f540516f188d27',
'directory': 'coverage/',
'disable_file_fixes': 'true',
'disable_search': 'true',
'dry_run': 'true',
'env_vars': 'OS,PYTHON',
'exclude': 'node_modules/',
'fail_ci_if_error': 'true',
'file': 'coverage.xml',
'files': 'dir1/coverage.xml,dir2/coverage.xml',
'flags': 'test,test2',
'git_service': 'github_enterprise',
'handle_no_reports_found': 'true',
'job_code': '32',
'functionalities':
'network',
'move_coverage_to_trash': 'true',
'name': 'codecov',
'os': 'macos',
'override_branch': 'thomasrockhu/test',
'override_build': '1',
'override_build_url': 'https://example.com/build/2',
'override_commit': '9caabca5474b49de74ef5667deabaf74cdacc244',
'override_pr': '2',
'plugin': 'xcode',
'plugins': 'pycoverage,compress-pycoverage',
'report_code': 'testCode',
'override_tag': 'v1.2',
'path_to_write_report': 'codecov/',
'root_dir': 'root/',
'slug': 'fakeOwner/fakeRepo',
'token': 'd3859757-ab80-4664-924d-aef22fa7557b',
'url': 'https://enterprise.example.com',
'use_legacy_upload_endpoint': 'true',
'verbose': 'true',
'version': '0.1.2',
'url': 'https://codecov.enterprise.com',
'verbose': 't',
'working-directory': 'src',
};
for (const env of Object.keys(envs)) {
process.env['INPUT_' + env.toUpperCase()] = envs[env];
}
const {uploadExecArgs, uploadCommand} = await buildUploadExec();
const expectedArgs = [
'--disable-file-fixes',
'--disable-search',
const {execArgs, failCi} = buildExec();
expect(execArgs).toEqual([
'-n',
'codecov',
'-Q',
`github-action-${version}`,
'-c',
'-N',
'83231650328f11695dfb754ca0f540516f188d27',
'-d',
'-e',
'OS,PYTHON',
'--exclude',
'node_modules/',
'-X',
'network',
'-Z',
'-f',
'coverage.xml',
@@ -113,161 +80,29 @@ test('upload args', async () => {
'test',
'-F',
'test2',
'--git-service',
'github_enterprise',
'--handle-no-reports-found',
'--job-code',
'32',
'-n',
'codecov',
'-B',
'thomasrockhu/test',
'-b',
'1',
'--build-url',
'https://example.com/build/2',
'-C',
'9caabca5474b49de74ef5667deabaf74cdacc244',
'-P',
'2',
'--plugin',
'xcode',
'--plugin',
'pycoverage',
'--plugin',
'compress-pycoverage',
'--report-code',
'testCode',
'--network-root-folder',
'-T',
'v1.2',
'-R',
'root/',
'-s',
'coverage/',
'-r',
'fakeOwner/fakeRepo',
'--legacy',
];
'-u',
'https://codecov.enterprise.com',
'-v',
]);
expect(failCi).toBeTruthy();
expect(uploadExecArgs).toEqual(expectedArgs);
expect(uploadCommand).toEqual('do-upload');
for (const env of Object.keys(envs)) {
delete process.env['INPUT_' + env.toUpperCase()];
}
});
test('report args', async () => {
const envs = {
git_service: 'github_enterprise',
override_commit: '9caabca5474b49de74ef5667deabaf74cdacc244',
override_pr: 'fakePR',
slug: 'fakeOwner/fakeRepo',
token: 'd3859757-ab80-4664-924d-aef22fa7557b',
fail_ci_if_error: 'true',
};
for (const env of Object.keys(envs)) {
process.env['INPUT_' + env.toUpperCase()] = envs[env];
}
const {reportExecArgs, reportCommand} = await buildReportExec();
const expectedArgs = [
'--git-service',
'github_enterprise',
'-C',
'9caabca5474b49de74ef5667deabaf74cdacc244',
'-P',
'fakePR',
'--slug',
'fakeOwner/fakeRepo',
'-Z',
];
expect(reportExecArgs).toEqual(expectedArgs);
expect(reportCommand).toEqual('create-report');
for (const env of Object.keys(envs)) {
delete process.env['INPUT_' + env.toUpperCase()];
}
});
test('report args using context', async () => {
const envs = {
token: 'd3859757-ab80-4664-924d-aef22fa7557b',
};
for (const env of Object.keys(envs)) {
process.env['INPUT_' + env.toUpperCase()] = envs[env];
}
const expectedArgs : string[] = [
'--git-service',
'github',
];
if (context.eventName == 'pull_request') {
expectedArgs.push('-C', `${context.payload.pull_request.head.sha}`);
}
const {reportExecArgs, reportCommand} = await buildReportExec();
expect(reportExecArgs).toEqual(expectedArgs);
expect(reportCommand).toEqual('create-report');
for (const env of Object.keys(envs)) {
delete process.env['INPUT_' + env.toUpperCase()];
}
});
test('commit args', async () => {
const envs = {
git_service: 'github_enterprise',
commit_parent: '83231650328f11695dfb754ca0f540516f188d27',
override_branch: 'thomasrockhu/test',
override_commit: '9caabca5474b49de74ef5667deabaf74cdacc244',
override_pr: '2',
slug: 'fakeOwner/fakeRepo',
token: 'd3859757-ab80-4664-924d-aef22fa7557b',
fail_ci_if_error: 'true',
};
for (const env of Object.keys(envs)) {
process.env['INPUT_' + env.toUpperCase()] = envs[env];
}
const {commitExecArgs, commitCommand} = await buildCommitExec();
const expectedArgs = [
'--parent-sha',
'83231650328f11695dfb754ca0f540516f188d27',
'--git-service',
'github_enterprise',
'-B',
'thomasrockhu/test',
'-C',
'9caabca5474b49de74ef5667deabaf74cdacc244',
'--pr',
'2',
'--slug',
'fakeOwner/fakeRepo',
'-Z',
];
expect(commitExecArgs).toEqual(expectedArgs);
expect(commitCommand).toEqual('create-commit');
for (const env of Object.keys(envs)) {
delete process.env['INPUT_' + env.toUpperCase()];
}
});
test('commit args using context', async () => {
const expectedArgs :string[] = [
'--git-service',
'github',
];
const {commitExecArgs, commitCommand} = await buildCommitExec();
if (context.eventName == 'pull_request') {
expectedArgs.push('-C', `${context.payload.pull_request.head.sha}`);
}
if (context.eventName == 'pull_request_target') {
expectedArgs.push('-P', `${context.payload.number}`);
}
expect(commitExecArgs).toEqual(expectedArgs);
expect(commitCommand).toEqual('create-commit');
});

316
src/buildExec.ts
View File

@@ -1,9 +1,7 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
import * as core from '@actions/core';
import * as github from '@actions/github';
import {setFailure} from './helpers';
import {version} from '../package.json';
const context = github.context;
@@ -18,206 +16,40 @@ const isTrue = (variable) => {
);
};
const getToken = async () => {
let token = core.getInput('token');
let url = core.getInput('url');
const useOIDC = isTrue(core.getInput('use_oidc'));
if (useOIDC) {
if (!url) {
url = 'https://codecov.io';
}
try {
token = await core.getIDToken(url);
return token;
} catch (err) {
setFailure(
`Codecov: Failed to get OIDC token with url: ${url}. ${err.message}`,
true,
);
}
}
return token;
};
const buildCommitExec = async () => {
const buildExec = () => {
const clean = core.getInput('move_coverage_to_trash');
const commitParent = core.getInput('commit_parent');
const gitService = core.getInput('git_service');
const overrideBranch = core.getInput('override_branch');
const overrideCommit = core.getInput('override_commit');
const overridePr = core.getInput('override_pr');
const slug = core.getInput('slug');
const token = await getToken();
const failCi = isTrue(core.getInput('fail_ci_if_error'));
const workingDir = core.getInput('working-directory');
const commitCommand = 'create-commit';
const commitExecArgs = [];
const commitOptions:any = {};
commitOptions.env = Object.assign(process.env, {
GITHUB_ACTION: process.env.GITHUB_ACTION,
GITHUB_RUN_ID: process.env.GITHUB_RUN_ID,
GITHUB_REF: process.env.GITHUB_REF,
GITHUB_REPOSITORY: process.env.GITHUB_REPOSITORY,
GITHUB_SHA: process.env.GITHUB_SHA,
GITHUB_HEAD_REF: process.env.GITHUB_HEAD_REF || '',
});
if (token) {
commitOptions.env.CODECOV_TOKEN = token;
}
if (commitParent) {
commitExecArgs.push('--parent-sha', `${commitParent}`);
}
commitExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
if (overrideBranch) {
commitExecArgs.push('-B', `${overrideBranch}`);
}
if (overrideCommit) {
commitExecArgs.push('-C', `${overrideCommit}`);
} else if (
`${context.eventName}` == 'pull_request' ||
`${context.eventName}` == 'pull_request_target'
) {
commitExecArgs.push('-C', `${context.payload.pull_request.head.sha}`);
}
if (overridePr) {
commitExecArgs.push('--pr', `${overridePr}`);
} else if (
`${context.eventName}` == 'pull_request_target'
) {
commitExecArgs.push('--pr', `${context.payload.number}`);
}
if (slug) {
commitExecArgs.push('--slug', `${slug}`);
}
if (failCi) {
commitExecArgs.push('-Z');
}
if (workingDir) {
commitOptions.cwd = workingDir;
}
return {commitExecArgs, commitOptions, commitCommand};
};
const buildGeneralExec = () => {
const codecovYmlPath = core.getInput('codecov_yml_path');
const url = core.getInput('url');
const verbose = isTrue(core.getInput('verbose'));
const args = [];
if (codecovYmlPath) {
args.push('--codecov-yml-path', `${codecovYmlPath}`);
}
if (url) {
args.push('--enterprise-url', `${url}`);
}
if (verbose) {
args.push('-v');
}
return {args, verbose};
};
const buildReportExec = async () => {
const gitService = core.getInput('git_service');
const overrideCommit = core.getInput('override_commit');
const overridePr = core.getInput('override_pr');
const slug = core.getInput('slug');
const token = await getToken();
const failCi = isTrue(core.getInput('fail_ci_if_error'));
const workingDir = core.getInput('working-directory');
const reportCommand = 'create-report';
const reportExecArgs = [];
const reportOptions:any = {};
reportOptions.env = Object.assign(process.env, {
GITHUB_ACTION: process.env.GITHUB_ACTION,
GITHUB_RUN_ID: process.env.GITHUB_RUN_ID,
GITHUB_REF: process.env.GITHUB_REF,
GITHUB_REPOSITORY: process.env.GITHUB_REPOSITORY,
GITHUB_SHA: process.env.GITHUB_SHA,
GITHUB_HEAD_REF: process.env.GITHUB_HEAD_REF || '',
});
if (token) {
reportOptions.env.CODECOV_TOKEN = token;
}
reportExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
if (overrideCommit) {
reportExecArgs.push('-C', `${overrideCommit}`);
} else if (
`${context.eventName}` == 'pull_request' ||
`${context.eventName}` == 'pull_request_target'
) {
reportExecArgs.push('-C', `${context.payload.pull_request.head.sha}`);
}
if (overridePr) {
reportExecArgs.push('-P', `${overridePr}`);
} else if (
`${context.eventName}` == 'pull_request_target'
) {
reportExecArgs.push('-P', `${context.payload.number}`);
}
if (slug) {
reportExecArgs.push('--slug', `${slug}`);
}
if (failCi) {
reportExecArgs.push('-Z');
}
if (workingDir) {
reportOptions.cwd = workingDir;
}
return {reportExecArgs, reportOptions, reportCommand};
};
const buildUploadExec = async () => {
const disableFileFixes = isTrue(core.getInput('disable_file_fixes'));
const disableSafeDirectory = isTrue(core.getInput('disable_safe_directory'));
const disableSearch = isTrue(core.getInput('disable_search'));
const dryRun = isTrue(core.getInput('dry_run'));
const envVars = core.getInput('env_vars');
const exclude = core.getInput('exclude');
const dryRun = isTrue(core.getInput('dry_run'));
const failCi = isTrue(core.getInput('fail_ci_if_error'));
const file = core.getInput('file');
const files = core.getInput('files');
const flags = core.getInput('flags');
const gitService = core.getInput('git_service');
const handleNoReportsFound = isTrue(core.getInput('handle_no_reports_found'));
const jobCode = core.getInput('job_code');
const functionalities = core.getInput('functionalities');
const name = core.getInput('name');
const os = core.getInput('os');
const overrideBranch = core.getInput('override_branch');
const overrideBuild = core.getInput('override_build');
const overrideBuildUrl = core.getInput('override_build_url');
const overrideCommit = core.getInput('override_commit');
const overridePr = core.getInput('override_pr');
const plugin = core.getInput('plugin');
const plugins = core.getInput('plugins');
const reportCode = core.getInput('report_code');
const overrideTag = core.getInput('override_tag');
const rootDir = core.getInput('root_dir');
const searchDir = core.getInput('directory');
const slug = core.getInput('slug');
const token = await getToken();
let uploaderVersion = core.getInput('version');
const useLegacyUploadEndpoint = isTrue(
core.getInput('use_legacy_upload_endpoint'),
);
const token = core.getInput('token');
const verbose = isTrue(core.getInput('verbose'));
const url = core.getInput('url');
const workingDir = core.getInput('working-directory');
const uploadExecArgs = [];
const uploadCommand = 'do-upload';
const uploadOptions:any = {};
uploadOptions.env = Object.assign(process.env, {
const execArgs = [];
execArgs.push(
'-n',
`${name}`,
'-Q',
`github-action-${version}`,
);
const options:any = {};
options.env = Object.assign(process.env, {
GITHUB_ACTION: process.env.GITHUB_ACTION,
GITHUB_RUN_ID: process.env.GITHUB_RUN_ID,
GITHUB_REF: process.env.GITHUB_REF,
@@ -230,123 +62,91 @@ const buildUploadExec = async () => {
for (const envVar of envVars.split(',')) {
const envVarClean = envVar.trim();
if (envVarClean) {
uploadOptions.env[envVarClean] = process.env[envVarClean];
options.env[envVarClean] = process.env[envVarClean];
envVarsArg.push(envVarClean);
}
}
if (token) {
uploadOptions.env.CODECOV_TOKEN = token;
options.env.CODECOV_TOKEN = token;
}
if (disableFileFixes) {
uploadExecArgs.push('--disable-file-fixes');
if (clean) {
execArgs.push('-c');
}
if (disableSearch) {
uploadExecArgs.push('--disable-search');
if (commitParent) {
execArgs.push('-N', `${commitParent}`);
}
if (dryRun) {
uploadExecArgs.push('-d');
execArgs.push('-d');
}
if (envVarsArg.length) {
uploadExecArgs.push('-e', envVarsArg.join(','));
execArgs.push('-e', envVarsArg.join(','));
}
if (exclude) {
uploadExecArgs.push('--exclude', `${exclude}`);
if (functionalities) {
functionalities.split(',').forEach((f) => {
execArgs.push('-X', `${f}`);
});
}
if (failCi) {
uploadExecArgs.push('-Z');
execArgs.push('-Z');
}
if (file) {
uploadExecArgs.push('-f', `${file}`);
execArgs.push('-f', `${file}`);
}
if (files) {
files.split(',').map((f) => f.trim()).forEach((f) => {
uploadExecArgs.push('-f', `${f}`);
files.split(',').forEach((f) => {
execArgs.push('-f', `${f}`);
});
}
if (flags) {
flags.split(',').map((f) => f.trim()).forEach((f) => {
uploadExecArgs.push('-F', `${f}`);
flags.split(',').forEach((f) => {
execArgs.push('-F', `${f}`);
});
}
uploadExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
if (handleNoReportsFound) {
uploadExecArgs.push('--handle-no-reports-found');
}
if (jobCode) {
uploadExecArgs.push('--job-code', `${jobCode}`);
}
if (name) {
uploadExecArgs.push('-n', `${name}`);
}
if (overrideBranch) {
uploadExecArgs.push('-B', `${overrideBranch}`);
execArgs.push('-B', `${overrideBranch}`);
}
if (overrideBuild) {
uploadExecArgs.push('-b', `${overrideBuild}`);
}
if (overrideBuildUrl) {
uploadExecArgs.push('--build-url', `${overrideBuildUrl}`);
execArgs.push('-b', `${overrideBuild}`);
}
if (overrideCommit) {
uploadExecArgs.push('-C', `${overrideCommit}`);
execArgs.push('-C', `${overrideCommit}`);
} else if (
`${context.eventName}` == 'pull_request' ||
`${context.eventName}` == 'pull_request_target'
) {
uploadExecArgs.push('-C', `${context.payload.pull_request.head.sha}`);
execArgs.push('-C', `${context.payload.pull_request.head.sha}`);
}
if (overridePr) {
uploadExecArgs.push('-P', `${overridePr}`);
execArgs.push('-P', `${overridePr}`);
} else if (
`${context.eventName}` == 'pull_request_target'
) {
uploadExecArgs.push('-P', `${context.payload.number}`);
execArgs.push('-P', `${context.payload.number}`);
}
if (plugin) {
uploadExecArgs.push('--plugin', `${plugin}`);
}
if (plugins) {
plugins.split(',').map((p) => p.trim()).forEach((p) => {
uploadExecArgs.push('--plugin', `${p}`);
});
}
if (reportCode) {
uploadExecArgs.push('--report-code', `${reportCode}`);
if (overrideTag) {
execArgs.push('-T', `${overrideTag}`);
}
if (rootDir) {
uploadExecArgs.push('--network-root-folder', `${rootDir}`);
execArgs.push('-R', `${rootDir}`);
}
if (searchDir) {
uploadExecArgs.push('-s', `${searchDir}`);
execArgs.push('-s', `${searchDir}`);
}
if (slug) {
uploadExecArgs.push('-r', `${slug}`);
execArgs.push('-r', `${slug}`);
}
if (url) {
execArgs.push('-u', `${url}`);
}
if (verbose) {
execArgs.push('-v');
}
if (workingDir) {
uploadOptions.cwd = workingDir;
}
if (uploaderVersion == '') {
uploaderVersion = 'latest';
}
if (useLegacyUploadEndpoint) {
uploadExecArgs.push('--legacy');
options.cwd = workingDir;
}
return {
uploadExecArgs,
uploadOptions,
disableSafeDirectory,
failCi,
os,
uploaderVersion,
uploadCommand,
};
return {execArgs, options, failCi};
};
export {
buildCommitExec,
buildGeneralExec,
buildReportExec,
buildUploadExec,
};
export default buildExec;

96
src/helpers.test.ts
View File

@@ -1,96 +0,0 @@
import * as exec from '@actions/exec';
import {
PLATFORMS,
getBaseUrl,
getCommand,
getPlatform,
isValidPlatform,
isWindows,
setSafeDirectory,
} from './helpers';
let OLDOS = process.env.RUNNER_OS;
beforeEach(() => {
jest.resetModules();
OLDOS = process.env.RUNNER_OS;
});
afterAll(() => {
process.env.RUNNER_OS = OLDOS;
});
test('getPlatform', () => {
expect(getPlatform('linux')).toBe('linux');
expect(getPlatform('windows')).toBe('windows');
const defaultPlatform =
process.env.RUNNER_OS ? process.env.RUNNER_OS.toLowerCase() : 'linux';
expect(getPlatform('fakeos')).toBe(defaultPlatform);
expect(getPlatform()).toBe(defaultPlatform);
process.env.RUNNER_OS = 'macos';
expect(getPlatform('fakeos')).toBe('macos');
expect(getPlatform()).toBe('macos');
process.env.RUNNER_OS = 'alsofakeos';
expect(getPlatform()).toBe('linux');
expect(getPlatform('fakeos')).toBe('linux');
});
test('getBaseUrl', () => {
expect(PLATFORMS.map((platform) => {
return getBaseUrl(platform, 'latest');
})).toEqual([
'https://cli.codecov.io/latest/linux/codecov',
'https://cli.codecov.io/latest/macos/codecov',
'https://cli.codecov.io/latest/windows/codecov.exe',
'https://cli.codecov.io/latest/alpine/codecov',
'https://cli.codecov.io/latest/linux-arm64/codecov',
'https://cli.codecov.io/latest/alpine-arm64/codecov',
]);
expect(PLATFORMS.map((platform) => {
return getBaseUrl(platform, 'v0.1.0_8880');
})).toEqual([
'https://cli.codecov.io/v0.1.0_8880/linux/codecov',
'https://cli.codecov.io/v0.1.0_8880/macos/codecov',
'https://cli.codecov.io/v0.1.0_8880/windows/codecov.exe',
'https://cli.codecov.io/v0.1.0_8880/alpine/codecov',
'https://cli.codecov.io/v0.1.0_8880/linux-arm64/codecov',
'https://cli.codecov.io/v0.1.0_8880/alpine-arm64/codecov',
]);
});
test('isWindows', () => {
expect(PLATFORMS.map((platform) => {
return isWindows(platform);
})).toEqual([false, false, true, false, false, false]);
});
test('isValidPlatform', () => {
expect(PLATFORMS.map((platform) => {
return isValidPlatform(platform);
})).toEqual([true, true, true, true, true, true]);
expect(isValidPlatform('fakeos')).toBeFalsy();
});
test('getCommand', () => {
expect(getCommand('path', ['-v', '-x'], 'do-upload'))
.toEqual(['path', '-v', '-x', 'do-upload']);
});
test('setSafeDirectory', async () => {
process.env.GITHUB_WORKSPACE = 'testOrg/testRepo';
await setSafeDirectory();
const testSafeDirectory = ([
'git',
'config',
'--get',
'safe.directory',
]).join(' ');
const safeDirectory = await exec.getExecOutput(testSafeDirectory);
expect(safeDirectory.stdout).toBe('testOrg/testRepo\n');
});

72
src/helpers.ts
View File

@@ -1,14 +1,6 @@
import * as core from '@actions/core';
import * as exec from '@actions/exec';
const PLATFORMS = [
'linux',
'macos',
'windows',
'alpine',
'linux-arm64',
'alpine-arm64',
];
const PLATFORMS = ['alpine', 'linux', 'macos', 'windows'];
const setFailure = (message: string, failCi: boolean): void => {
failCi ? core.setFailed(message) : core.warning(message);
@@ -17,75 +9,33 @@ const setFailure = (message: string, failCi: boolean): void => {
}
};
const getUploaderName = (platform: string): string => {
if (isWindows(platform)) {
const getUploaderName = (): string => {
if (isWindows()) {
return 'codecov.exe';
} else {
return 'codecov';
}
};
const isValidPlatform = (platform: string): boolean => {
return PLATFORMS.includes(platform);
const isValidPlatform = (): boolean => {
return PLATFORMS.includes(getPlatform());
};
const isWindows = (platform: string): boolean => {
return platform === 'windows';
const isWindows = (): boolean => {
return getPlatform() === 'windows';
};
const getPlatform = (os?: string): string => {
if (isValidPlatform(os)) {
core.info(`==> ${os} OS provided`);
return os;
}
const platform = process.env.RUNNER_OS?.toLowerCase();
if (isValidPlatform(platform)) {
core.info(`==> ${platform} OS detected`);
return platform;
}
core.info(
'==> Could not detect OS or provided OS is invalid. Defaulting to linux',
);
return 'linux';
const getPlatform = (): string => {
return process.env.RUNNER_OS.toLowerCase();
};
const getBaseUrl = (platform: string, version: string): string => {
return `https://cli.codecov.io/${version}/${platform}/${getUploaderName(platform)}`;
};
const getCommand = (
filename: string,
generalArgs:string[],
command: string,
): string[] => {
const fullCommand = [filename, ...generalArgs, command];
core.info(`==> Running command '${fullCommand.join(' ')}'`);
return fullCommand;
};
const setSafeDirectory = async () => {
const command = ([
'git',
'config',
'--global',
'--add',
'safe.directory',
`${process.env['GITHUB_WORKSPACE']}`,
].join(' '));
core.info(`==> Running ${command}`);
await exec.exec(command);
};
const BASEURL = `https://uploader.codecov.io/latest/${getPlatform()}/${getUploaderName()}`;
export {
PLATFORMS,
getBaseUrl,
BASEURL,
getPlatform,
getUploaderName,
isValidPlatform,
isWindows,
setFailure,
setSafeDirectory,
getCommand,
};

162
src/index.ts
View File

@@ -4,126 +4,66 @@ import * as path from 'path';
import * as exec from '@actions/exec';
import buildExec from './buildExec';
import {
buildCommitExec,
buildGeneralExec,
buildReportExec,
buildUploadExec,
} from './buildExec';
import {
getBaseUrl,
getCommand,
BASEURL,
getPlatform,
getUploaderName,
isValidPlatform,
setFailure,
setSafeDirectory,
} from './helpers';
import verify from './validate';
import versionInfo from './version';
let failCi;
const run = async () => {
try {
const {commitExecArgs, commitOptions, commitCommand} = await buildCommitExec();
const {reportExecArgs, reportOptions, reportCommand} = await buildReportExec();
const {
uploadExecArgs,
uploadOptions,
disableSafeDirectory,
failCi,
os,
uploaderVersion,
uploadCommand,
} = await buildUploadExec();
const {args, verbose} = buildGeneralExec();
const platform = getPlatform(os);
const filename = path.join( __dirname, getUploaderName(platform));
https.get(getBaseUrl(platform, uploaderVersion), (res) => {
// Image will be stored at this path
const filePath = fs.createWriteStream(filename);
res.pipe(filePath);
filePath
.on('error', (err) => {
setFailure(
`Codecov: Failed to write uploader binary: ${err.message}`,
true,
);
}).on('finish', async () => {
filePath.close();
await verify(filename, platform, uploaderVersion, verbose, failCi);
await versionInfo(platform, uploaderVersion);
await fs.chmodSync(filename, '777');
if (!disableSafeDirectory) {
await setSafeDirectory();
}
const unlink = () => {
fs.unlink(filename, (err) => {
if (err) {
setFailure(
`Codecov: Could not unlink uploader: ${err.message}`,
failCi,
);
}
});
};
const doUpload = async () => {
await exec.exec(getCommand(filename, args, uploadCommand).join(' '),
uploadExecArgs,
uploadOptions)
.catch((err) => {
setFailure(
`Codecov:
Failed to properly upload report: ${err.message}`,
failCi,
);
});
};
const createReport = async () => {
await exec.exec(
getCommand(filename, args, reportCommand).join(' '),
reportExecArgs,
reportOptions)
.then(async (exitCode) => {
if (exitCode == 0) {
await doUpload();
}
}).catch((err) => {
setFailure(
`Codecov:
Failed to properly create report: ${err.message}`,
failCi,
);
});
};
await exec.exec(
getCommand(
filename,
args,
commitCommand,
).join(' '),
commitExecArgs, commitOptions)
.then(async (exitCode) => {
if (exitCode == 0) {
await createReport();
}
unlink();
}).catch((err) => {
setFailure(
`Codecov: Failed to properly create commit: ${err.message}`,
failCi,
);
});
});
});
} catch (err) {
setFailure(`Codecov: Encountered an unexpected error ${err.message}`, failCi);
try {
const {execArgs, options, failCi} = buildExec();
const platform = getPlatform();
if (!isValidPlatform()) {
setFailure(
`Codecov: Encountered an unexpected platform: ${platform}`,
failCi,
);
}
};
const filename = path.join( __dirname, getUploaderName());
https.get(BASEURL, (res) => {
// Image will be stored at this path
const filePath = fs.createWriteStream(filename);
res.pipe(filePath);
filePath
.on('error', (err) => {
setFailure(
`Codecov: Failed to write uploader binary: ${err.message}`,
true,
);
}).on('finish', async () => {
filePath.close();
run();
await verify(filename);
await fs.chmodSync(filename, '777');
const unlink = () => {
fs.unlink(filename, (err) => {
if (err) {
setFailure(
`Codecov: Could not unlink uploader: ${err.message}`,
failCi,
);
}
});
};
await exec.exec(filename, execArgs, options)
.catch((err) => {
setFailure(
`Codecov: Failed to properly upload: ${err.message}`,
failCi,
);
}).then(() => {
unlink();
});
});
});
} catch (err) {
setFailure(`Codecov: Encountered an unexpected error ${err.message}`, failCi);
}

137
src/validate.ts
View File

@@ -1,113 +1,74 @@
import * as crypto from 'crypto';
import * as fs from 'fs';
import * as gpg from 'gpg';
import * as path from 'path';
import * as core from '@actions/core';
import {request} from 'undici';
import * as openpgp from 'openpgp';
import * as fetch from 'node-fetch';
import {
getBaseUrl,
BASEURL,
getUploaderName,
setFailure,
} from './helpers';
const verify = async (
filename: string,
platform: string,
version: string,
verbose: boolean,
failCi: boolean,
): Promise<void> => {
const verify = async (filename: string) => {
try {
const uploaderName = getUploaderName(platform);
const uploaderName = getUploaderName();
// Read in public key
const publicKeyArmored = await fs.readFileSync(
path.join(__dirname, 'pgp_keys.asc'),
'utf-8',
);
// Get SHASUM and SHASUM signature files
console.log(`${getBaseUrl(platform, version)}.SHA256SUM`);
const shasumRes = await request(
`${getBaseUrl(platform, version)}.SHA256SUM`,
);
const shasum = await shasumRes.body.text();
if (verbose) {
console.log(`Received SHA256SUM ${shasum}`);
}
await fs.writeFileSync(
path.join(__dirname, `${uploaderName}.SHA256SUM`),
shasum,
);
const shasumRes = await fetch( `${BASEURL}.SHA256SUM`);
const shasum = await shasumRes.text();
const shaSigRes = await request(
`${getBaseUrl(platform, version)}.SHA256SUM.sig`,
);
const shaSig = await shaSigRes.body.text();
if (verbose) {
console.log(`Received SHA256SUM signature ${shaSig}`);
}
await fs.writeFileSync(
path.join(__dirname, `${uploaderName}.SHA256SUM.sig`),
shaSig,
);
const shaSigRes = await fetch( `${BASEURL}.SHA256SUM.sig`);
const shaSig = await shaSigRes.text();
const validateSha = async () => {
const calculateHash = async (filename: string) => {
const stream = fs.createReadStream(filename);
const uploaderSha = crypto.createHash(`sha256`);
stream.pipe(uploaderSha);
return new Promise((resolve, reject) => {
stream.on('end', () => resolve(
`${uploaderSha.digest('hex')} ${uploaderName}`,
));
stream.on('error', reject);
});
};
const hash = await calculateHash(
path.join(__dirname, `${uploaderName}`),
// Verify shasum
const verified = await openpgp.verify({
message: await openpgp.createMessage({text: shasum}),
signature: await openpgp.readSignature({armoredSignature: shaSig}),
verificationKeys: await openpgp.readKeys({armoredKeys: publicKeyArmored}),
});
const valid = await verified.signatures[0].verified;
if (valid) {
core.info('==> SHASUM file signed by key id ' +
verified.signatures[0].keyID.toHex(),
);
if (hash === shasum) {
core.info(`==> Uploader SHASUM verified (${hash})`);
} else {
setFailure(
'Codecov: Uploader shasum does not match -- ' +
`uploader hash: ${hash}, public hash: ${shasum}`,
failCi,
);
}
};
} else {
setFailure('Codecov: Error validating SHASUM signature', true);
}
const verifySignature = () => {
gpg.call('', [
'--logger-fd',
'1',
'--verify',
path.join(__dirname, `${uploaderName}.SHA256SUM.sig`),
path.join(__dirname, `${uploaderName}.SHA256SUM`),
], async (err, verifyResult) => {
if (err) {
setFailure('Codecov: Error importing pgp key', failCi);
}
core.info(verifyResult);
await validateSha();
const calculateHash = async (filename: string) => {
const stream = fs.createReadStream(filename);
const uploaderSha = crypto.createHash(`sha256`);
stream.pipe(uploaderSha);
return new Promise((resolve, reject) => {
stream.on('end', () => resolve(
`${uploaderSha.digest('hex')} ${uploaderName}`,
));
stream.on('error', reject);
});
};
// Import gpg key
gpg.call('', [
'--logger-fd',
'1',
'--no-default-keyring',
'--import',
path.join(__dirname, 'pgp_keys.asc'),
], async (err, importResult) => {
if (err) {
setFailure('Codecov: Error importing pgp key', failCi);
}
core.info(importResult);
verifySignature();
});
const hash = await calculateHash(filename);
if (hash === shasum) {
core.info(`==> Uploader SHASUM verified (${hash})`);
} else {
setFailure(
'Codecov: Uploader shasum does not match -- ' +
`uploader hash: ${hash}, public hash: ${shasum}`,
true,
);
}
} catch (err) {
setFailure(`Codecov: Error validating uploader: ${err.message}`, failCi);
setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
}
};
export default verify;

20
src/version.ts
View File

@@ -1,20 +0,0 @@
import * as core from '@actions/core';
import {request} from 'undici';
const versionInfo = async (
platform: string,
version: string,
): Promise<void> => {
core.info(`==> Running version ${version}`);
try {
const metadataRes = await request(`https://cli.codecov.io/${platform}/${version}`, {
headers: {'Accept': 'application/json'},
});
const metadata = await metadataRes.body.json();
core.info(`==> Running version ${metadata['version']}`);
} catch (err) {
core.info(`Could not pull latest version information: ${err}`);
}
};
export default versionInfo;