diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4d36fe89b..54c8a6bc4 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -41,7 +41,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3.28.17 + uses: github/codeql-action/init@v3.28.18 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -52,7 +52,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3.28.17 + uses: github/codeql-action/autobuild@v3.28.18 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -66,4 +66,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3.28.17 + uses: github/codeql-action/analyze@v3.28.18 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 695b50852..73f0c1790 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -14,11 +14,12 @@ jobs: - name: Checkout uses: actions/checkout@v4.2.2 with: - submodules: 'true' + submodules: "true" - name: Install dependencies run: pip install -r src/scripts/app/requirements.txt - name: Run tests and collect coverage run: pytest src/scripts/app/ --cov + - name: Upload coverage to Codecov (script) uses: ./ with: @@ -55,7 +56,7 @@ jobs: - name: Checkout uses: actions/checkout@v4.2.2 with: - submodules: 'true' + submodules: "true" - name: Install dependencies run: pip install -r src/scripts/app/requirements.txt - name: Run tests and collect coverage @@ -104,15 +105,16 @@ jobs: - name: Checkout uses: actions/checkout@v4.2.2 with: - submodules: 'true' + submodules: "true" - name: Install deps run: | - apt-get install git + apt-get update && apt-get install -y git + - name: Upload coverage to Codecov (script) uses: ./ with: files: ./coverage/script/coverage-final.json - flags: script-${{ matrix.os }} + flags: script-container name: codecov-script verbose: true token: ${{ secrets.CODECOV_TOKEN }} @@ -120,7 +122,7 @@ jobs: uses: ./ with: files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json - flags: demo-${{ matrix.os }} + flags: demo-container name: codecov-demo verbose: true token: ${{ secrets.CODECOV_TOKEN }} @@ -128,8 +130,107 @@ jobs: uses: ./ with: files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json - flags: version-${{ matrix.os }} + flags: version-container name: codecov-version version: v9.1.0 verbose: true token: ${{ secrets.CODECOV_TOKEN }} + + run-alpine-missing-deps: + runs-on: ubuntu-latest + container: alpine:latest + steps: + - name: Install only some deps (missing gpg and bash) + run: | + apk add git + - name: Checkout + uses: actions/checkout@v4.2.2 + with: + submodules: "true" + - name: Upload coverage to Codecov (should fail due to missing dependencies) + id: codecov-upload + continue-on-error: true + uses: ./ + with: + files: ./coverage/script/coverage-final.json + flags: script-alpine-missing-deps + name: codecov-script + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Verify dependency check failed + run: | + if [ "${{ steps.codecov-upload.outcome }}" = "failure" ]; then + echo "✓ Action correctly failed due to missing dependencies" + exit 0 + else + echo "✗ Action should have failed but didn't" + exit 1 + fi + + run-alpine-success: + runs-on: ubuntu-latest + container: alpine:latest + steps: + - name: Install all required deps + run: | + apk add git curl gnupg bash + - name: Checkout + uses: actions/checkout@v4.2.2 + with: + submodules: "true" + - name: Upload coverage to Codecov (should succeed) + uses: ./ + with: + files: ./coverage/script/coverage-final.json + flags: script-alpine-success + name: codecov-script + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Upload coverage to Codecov (demo) + uses: ./ + with: + files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json + flags: demo-alpine-success + name: codecov-demo + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Upload coverage to Codecov (version) + uses: ./ + with: + files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json + flags: version-alpine-success + name: codecov-version + version: v9.1.0 + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + + run-alpine-partial-deps: + runs-on: ubuntu-latest + container: alpine:latest + steps: + - name: Install only some deps (missing gpg and bash) + run: | + apk add git curl + - name: Checkout + uses: actions/checkout@v4.2.2 + with: + submodules: "true" + - name: Upload coverage to Codecov (should fail due to missing gpg and bash) + id: codecov-upload + continue-on-error: true + uses: ./ + with: + files: ./coverage/script/coverage-final.json + flags: script-alpine-partial-deps + name: codecov-script + verbose: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Verify dependency check failed + run: | + if [ "${{ steps.codecov-upload.outcome }}" = "failure" ]; then + echo "✓ Action correctly failed due to missing dependencies (gpg and bash)" + exit 0 + else + echo "✗ Action should have failed but didn't" + exit 1 + fi diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index fae91ecc0..bec4d3df2 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -57,6 +57,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3.28.17 # v1.0.26 + uses: github/codeql-action/upload-sarif@v3.28.18 # v1.0.26 with: sarif_file: results.sarif diff --git a/CHANGELOG.md b/CHANGELOG.md index 682d1ddac..2ce09b126 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,17 @@ +## v5.5.0 + +### What's Changed +* feat: upgrade wrapper to 0.2.4 by @jviall in https://github.com/codecov/codecov-action/pull/1864 +* Pin actions/github-script by Git SHA by @martincostello in https://github.com/codecov/codecov-action/pull/1859 +* fix: check reqs exist by @joseph-sentry in https://github.com/codecov/codecov-action/pull/1835 +* fix: Typo in README by @spalmurray in https://github.com/codecov/codecov-action/pull/1838 +* docs: Refine OIDC docs by @spalmurray in https://github.com/codecov/codecov-action/pull/1837 +* build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @app/dependabot in https://github.com/codecov/codecov-action/pull/1829 + + +**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0 + + ## v5.4.3 ### What's Changed diff --git a/README.md b/README.md index 79008bf37..f342d82f6 100644 --- a/README.md +++ b/README.md @@ -3,16 +3,19 @@ [![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v5-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov) [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action?ref=badge_shield) [![Workflow for Codecov Action](https://github.com/codecov/codecov-action/actions/workflows/main.yml/badge.svg)](https://github.com/codecov/codecov-action/actions/workflows/main.yml) + ### Easily upload coverage reports to Codecov from GitHub Actions ## v5 Release + `v5` of the Codecov GitHub Action will use the [Codecov Wrapper](https://github.com/codecov/wrapper) to encapsulate the [CLI](https://github.com/codecov/codecov-cli). This will help ensure that the Action gets updates quicker. ### Migration Guide + The `v5` release also coincides with the opt-out feature for tokens for public repositories. In the `Global Upload Token` section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see [how to upload without a token](https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token). -> [!WARNING] -> **The following arguments have been changed** +> [!WARNING] > **The following arguments have been changed** +> > - `file` (this has been deprecated in favor of `files`) > - `plugin` (this has been deprecated in favor of `plugins`) @@ -30,27 +33,32 @@ The following arguments have been added: You can see their usage in the `action.yml` [file](https://github.com/codecov/codecov-action/blob/main/action.yml). ## v4 Release + `v4` of the Codecov GitHub Action will use the [Codecov CLI](https://github.com/codecov/codecov-cli) to upload coverage reports to Codecov. ### Breaking Changes + - Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OSS projects do not need the upstream repo's Codecov token). For details, [see our docs](https://docs.codecov.com/docs/codecov-uploader#supporting-token-less-uploads-for-forks-of-open-source-repos-using-codecov) - Various arguments to the Action have been removed ### Dependabot + - For repositories using `Dependabot`, users will need to ensure that it has access to the Codecov token for PRs from Dependabot to upload coverage. To do this, please add your `CODECOV_TOKEN` as a Dependabot Secret. For more information, see ["Configuring access to private registries for Dependabot."](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#storing-credentials-for-dependabot-to-use) `v3` versions and below will not have access to CLI features (e.g. global upload token, ATS). ## Usage +> [!CAUTION] +> In order for the Action to work seamlessly, you will need to have `bash`, `curl`, `git`, and `gpg` installed on your runner. You will also need to run [actions/checkout](https://github.com/actions/checkout) before calling the Codecov action. If these are not present, the Action will fail. Github Actions runners will have these installed by default. If you are using a custom runner or running in a container, you will need to ensure that these are installed. + To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v5` is recommended) as a `step` within your `workflow.yml` file. -> [!WARNING] -> In order for the Action to work seamlessly, you will need to have `curl`, `git`, and `gpg` installed on your runner. You will also need to run the [actions/checkout](https://github.com/actions/checkout) before calling the Codecov action. This Action also requires you to [provide an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) from [codecov.io](https://www.codecov.io) (tip: in order to avoid exposing your token, [store it](https://docs.codecov.com/docs/adding-the-codecov-token#github-actions) as a `secret`). Currently, the Action will identify linux, macos, and windows runners. However, the Action may misidentify other architectures. The OS can be specified as + - alpine - alpine-arm64 - linux @@ -62,37 +70,39 @@ Inside your `.github/workflows/workflow.yml` file: ```yaml steps: -- uses: actions/checkout@main -- uses: codecov/codecov-action@v5 - with: - fail_ci_if_error: true # optional (default = false) - files: ./coverage1.xml,./coverage2.xml # optional - flags: unittests # optional - name: codecov-umbrella # optional - token: ${{ secrets.CODECOV_TOKEN }} - verbose: true # optional (default = false) + - uses: actions/checkout@main + - uses: codecov/codecov-action@v5 + with: + fail_ci_if_error: true # optional (default = false) + files: ./coverage1.xml,./coverage2.xml # optional + flags: unittests # optional + name: codecov-umbrella # optional + token: ${{ secrets.CODECOV_TOKEN }} + verbose: true # optional (default = false) ``` The Codecov token can also be passed in via environment variables: ```yaml steps: -- uses: actions/checkout@main -- uses: codecov/codecov-action@v5 - with: - fail_ci_if_error: true # optional (default = false) - files: ./coverage1.xml,./coverage2.xml # optional - flags: unittests # optional - name: codecov-umbrella # optional - verbose: true # optional (default = false) - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + - uses: actions/checkout@main + - uses: codecov/codecov-action@v5 + with: + fail_ci_if_error: true # optional (default = false) + files: ./coverage1.xml,./coverage2.xml # optional + flags: unittests # optional + name: codecov-umbrella # optional + verbose: true # optional (default = false) + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} ``` -> [!NOTE] -> This assumes that you've set your Codecov token inside *Settings > Secrets* as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are *not* available to forks of repositories. + +> [!IMPORTANT] +> This assumes that you've set your Codecov token inside _Settings > Secrets_ as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are _not_ available to forks of repositories. ### Using OIDC -For users with [OpenID Connect(OIDC) enabled](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect), the Codecov token is not necessary. You can use OIDC with the `use_oidc` argument as following. + +As an alternative to Codecov upload tokens, you can choose to use OIDC as your upload authentication method by setting the `use_oidc` argument: ```yaml - uses: codecov/codecov-action@v5 @@ -102,6 +112,15 @@ For users with [OpenID Connect(OIDC) enabled](https://docs.github.com/en/actions Any token supplied will be ignored, as Codecov will default to the OIDC token for verification. +Note that the codecov action must have write permission for `id-token` for this to work: + +```yaml +permissions: + id-token: write +``` + +This can be set at either the workflow or job level. See GitHub's [docs](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect) for more details. + ## Arguments Codecov's Action supports inputs from the user. These inputs, along with their descriptions and usage contexts, are listed in the table below: @@ -171,30 +190,31 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] env: OS: ${{ matrix.os }} - PYTHON: '3.10' + PYTHON: "3.10" steps: - - uses: actions/checkout@main - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: '3.10' - - name: Generate coverage report - run: | - pip install pytest - pip install pytest-cov - pytest --cov=./ --cov-report=xml - - name: Upload coverage to Codecov - uses: codecov/codecov-action@v5 - with: - directory: ./coverage/reports/ - env_vars: OS,PYTHON - fail_ci_if_error: true - files: ./coverage1.xml,./coverage2.xml,!./cache - flags: unittests - name: codecov-umbrella - token: ${{ secrets.CODECOV_TOKEN }} - verbose: true + - uses: actions/checkout@main + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.10" + - name: Generate coverage report + run: | + pip install pytest + pip install pytest-cov + pytest --cov=./ --cov-report=xml + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v5 + with: + directory: ./coverage/reports/ + env_vars: OS,PYTHON + fail_ci_if_error: true + files: ./coverage1.xml,./coverage2.xml,!./cache + flags: unittests + name: codecov-umbrella + token: ${{ secrets.CODECOV_TOKEN }} + verbose: true ``` + ## Contributing Contributions are welcome! Check out the [Contribution Guide](CONTRIBUTING.md). diff --git a/action.yml b/action.yml index f99bba61b..db668d416 100644 --- a/action.yml +++ b/action.yml @@ -175,6 +175,26 @@ branding: runs: using: "composite" steps: + - name: Check system dependencies + shell: sh + run: | + missing_deps="" + + # Check for required commands + for cmd in bash git curl gpg; do + if ! command -v "$cmd" >/dev/null 2>&1; then + missing_deps="$missing_deps $cmd" + fi + done + + # Report missing required dependencies + if [ -n "$missing_deps" ]; then + echo "Error: The following required dependencies are missing:$missing_deps" + echo "Please install these dependencies before using this action." + exit 1 + fi + + echo "All required system dependencies are available." - name: Action version shell: bash run: | @@ -203,7 +223,7 @@ runs: GITHUB_REPOSITORY: ${{ github.repository }} - name: Get OIDC token - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 id: oidc with: script: | diff --git a/dist/codecov.sh b/dist/codecov.sh index b82fa723c..0b7717197 100755 --- a/dist/codecov.sh +++ b/dist/codecov.sh @@ -1,5 +1,4 @@ #!/usr/bin/env bash -CC_WRAPPER_VERSION="0.2.1" set +u say() { echo -e "$1" @@ -37,6 +36,12 @@ b="\033[0;36m" # variables/constants g="\033[0;32m" # info/debug r="\033[0;31m" # errors x="\033[0m" +retry="--retry 5 --retry-delay 2" +CC_WRAPPER_VERSION="0.2.7" +CC_VERSION="${CC_VERSION:-latest}" +CC_FAIL_ON_ERROR="${CC_FAIL_ON_ERROR:-false}" +CC_RUN_CMD="${CC_RUN_CMD:-upload-coverage}" +CC_CLI_TYPE=${CC_CLI_TYPE:-"codecov-cli"} say " _____ _ / ____| | | | | ___ __| | ___ ___ _____ __ @@ -44,26 +49,27 @@ say " _____ _ | |___| (_) | (_| | __/ (_| (_) \\ V / \\_____\\___/ \\__,_|\\___|\\___\\___/ \\_/ $r Wrapper-$CC_WRAPPER_VERSION$x - " -CC_VERSION="${CC_VERSION:-latest}" -CC_FAIL_ON_ERROR="${CC_FAIL_ON_ERROR:-false}" -CC_RUN_CMD="${CC_RUN_CMD:-upload-coverage}" + " +if [[ "$CC_CLI_TYPE" != "codecov-cli" && "$CC_CLI_TYPE" != "sentry-prevent-cli" ]]; then + echo "Invalid CC_CLI_TYPE: '$CC_CLI_TYPE'. Must be 'codecov-cli' or 'sentry-prevent-cli'" + exit 1 +fi if [ -n "$CC_BINARY" ]; then if [ -f "$CC_BINARY" ]; then - c_filename=$CC_BINARY - c_command=$CC_BINARY + CC_FILENAME=$CC_BINARY + CC_COMMAND=$CC_BINARY else exit_if_error "Could not find binary file $CC_BINARY" fi elif [ "$CC_USE_PYPI" == "true" ]; then - if ! pip install codecov-cli"$([ "$CC_VERSION" == "latest" ] && echo "" || echo "==$CC_VERSION" )"; then + if ! pip install "${CC_CLI_TYPE}$([ "$CC_VERSION" == "latest" ] && echo "" || echo "==$CC_VERSION")"; then exit_if_error "Could not install via pypi." exit fi - c_command="codecovcli" + CC_COMMAND="${CC_CLI_TYPE}" else if [ -n "$CC_OS" ]; then @@ -79,181 +85,185 @@ else [[ $(arch) == "aarch64" && $family == "linux" ]] && CC_OS+="-arm64" say "$g==>$x Detected $b${CC_OS}$x" fi - c_filename="codecov" - [[ $CC_OS == "windows" ]] && c_filename+=".exe" - c_command="./$c_filename" + CC_FILENAME="${CC_CLI_TYPE%-cli}" + [[ $CC_OS == "windows" ]] && CC_FILENAME+=".exe" + CC_COMMAND="./$CC_FILENAME" [[ $CC_OS == "macos" ]] && \ ! command -v gpg 2>&1 >/dev/null && \ HOMEBREW_NO_AUTO_UPDATE=1 brew install gpg - c_url="https://cli.codecov.io" - c_url="$c_url/${CC_VERSION}" - c_url="$c_url/${CC_OS}/${c_filename}" - say "$g ->$x Downloading $b${c_url}$x" - curl -O --retry 5 --retry-delay 2 "$c_url" + CC_URL="${CC_CLI_URL:-https://cli.codecov.io}" + CC_URL="$CC_URL/${CC_VERSION}" + CC_URL="$CC_URL/${CC_OS}/${CC_FILENAME}" + say "$g ->$x Downloading $b${CC_URL}$x" + curl -O $retry "$CC_URL" say "$g==>$x Finishing downloading $b${CC_OS}:${CC_VERSION}$x" - version_url="https://cli.codecov.io/api/${CC_OS}/${CC_VERSION}" - version=$(curl -s "$version_url" -H "Accept:application/json" | tr \{ '\n' | tr , '\n' | tr \} '\n' | grep "\"version\"" | awk -F'"' '{print $4}' | tail -1) - say " Version: $b$version$x" + v_url="https://cli.codecov.io/api/${CC_OS}/${CC_VERSION}" + v=$(curl $retry --retry-all-errors -s "$v_url" -H "Accept:application/json" | tr \{ '\n' | tr , '\n' | tr \} '\n' | grep "\"version\"" | awk -F'"' '{print $4}' | tail -1) + say " Version: $b$v$x" say " " fi if [ "$CC_SKIP_VALIDATION" == "true" ] || [ -n "$CC_BINARY" ] || [ "$CC_USE_PYPI" == "true" ]; then say "$r==>$x Bypassing validation..." + if [ "$CC_SKIP_VALIDATION" == "true" ]; + then + chmod +x "$CC_COMMAND" + fi else -CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc) - echo "${CC_PUBLIC_PGP_KEY}" | \ + echo "$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)" | \ gpg --no-default-keyring --import # One-time step say "$g==>$x Verifying GPG signature integrity" sha_url="https://cli.codecov.io" sha_url="${sha_url}/${CC_VERSION}/${CC_OS}" - sha_url="${sha_url}/${c_filename}.SHA256SUM" + sha_url="${sha_url}/${CC_FILENAME}.SHA256SUM" say "$g ->$x Downloading $b${sha_url}$x" say "$g ->$x Downloading $b${sha_url}.sig$x" say " " - curl -Os --retry 5 --retry-delay 2 --connect-timeout 2 "$sha_url" - curl -Os --retry 5 --retry-delay 2 --connect-timeout 2 "${sha_url}.sig" - if ! gpg --verify "${c_filename}.SHA256SUM.sig" "${c_filename}.SHA256SUM"; + curl -Os $retry --connect-timeout 2 "$sha_url" + curl -Os $retry --connect-timeout 2 "${sha_url}.sig" + if ! gpg --verify "${CC_FILENAME}.SHA256SUM.sig" "${CC_FILENAME}.SHA256SUM"; then exit_if_error "Could not verify signature. Please contact Codecov if problem continues" fi - if ! (shasum -a 256 -c "${c_filename}.SHA256SUM" 2>/dev/null || \ - sha256sum -c "${c_filename}.SHA256SUM"); + if ! (shasum -a 256 -c "${CC_FILENAME}.SHA256SUM" 2>/dev/null || \ + sha256sum -c "${CC_FILENAME}.SHA256SUM"); then exit_if_error "Could not verify SHASUM. Please contact Codecov if problem continues" fi say "$g==>$x CLI integrity verified" say - chmod +x "$c_command" + chmod +x "$CC_COMMAND" fi if [ -n "$CC_BINARY_LOCATION" ]; then - mkdir -p "$CC_BINARY_LOCATION" && mv "$c_filename" $_ - say "$g==>$x Codecov binary moved to ${CC_BINARY_LOCATION}" + mkdir -p "$CC_BINARY_LOCATION" && mv "$CC_FILENAME" $_ + say "$g==>$x ${CC_CLI_TYPE} binary moved to ${CC_BINARY_LOCATION}" fi if [ "$CC_DOWNLOAD_ONLY" = "true" ]; then - say "$g==>$x Codecov download only called. Exiting..." + say "$g==>$x ${CC_CLI_TYPE} download only called. Exiting..." + exit fi -c_cli_args=() -c_cli_args+=( $(k_arg AUTO_LOAD_PARAMS_FROM) $(v_arg AUTO_LOAD_PARAMS_FROM)) -c_cli_args+=( $(k_arg ENTERPRISE_URL) $(v_arg ENTERPRISE_URL)) +CC_CLI_ARGS=() +CC_CLI_ARGS+=( $(k_arg AUTO_LOAD_PARAMS_FROM) $(v_arg AUTO_LOAD_PARAMS_FROM)) +CC_CLI_ARGS+=( $(k_arg ENTERPRISE_URL) $(v_arg ENTERPRISE_URL)) if [ -n "$CC_YML_PATH" ] then - c_cli_args+=( "--codecov-yml-path" ) - c_cli_args+=( "$CC_YML_PATH" ) -fi -c_cli_args+=( $(write_bool_args CC_DISABLE_TELEM) ) -c_cli_args+=( $(write_bool_args CC_VERBOSE) ) -if [ -n "$CC_TOKEN_VAR" ]; -then - token="$(eval echo \$$CC_TOKEN_VAR)" -else - token="$(eval echo $CC_TOKEN)" -fi -say "$g ->$x Token of length ${#token} detected" -token_str="" -token_arg=() -if [ -n "$token" ]; -then - token_str+=" -t " - token_arg+=( " -t " "$token") + CC_CLI_ARGS+=( "--codecov-yml-path" ) + CC_CLI_ARGS+=( "$CC_YML_PATH" ) fi -c_args=() +CC_CLI_ARGS+=( $(write_bool_args CC_DISABLE_TELEM) ) +CC_CLI_ARGS+=( $(write_bool_args CC_VERBOSE) ) +CC_ARGS=() if [ "$CC_RUN_CMD" == "upload-coverage" ]; then # Args for create commit -c_args+=( $(write_bool_args CC_FAIL_ON_ERROR) ) -c_args+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE)) -c_args+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA)) -c_args+=( $(k_arg PR) $(v_arg PR)) -c_args+=( $(k_arg SHA) $(v_arg SHA)) -c_args+=( $(k_arg SLUG) $(v_arg SLUG)) +CC_ARGS+=( $(write_bool_args CC_FAIL_ON_ERROR) ) +CC_ARGS+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE)) +CC_ARGS+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA)) +CC_ARGS+=( $(k_arg PR) $(v_arg PR)) +CC_ARGS+=( $(k_arg SHA) $(v_arg SHA)) +CC_ARGS+=( $(k_arg SLUG) $(v_arg SLUG)) # Args for create report -c_args+=( $(k_arg CODE) $(v_arg CODE)) +CC_ARGS+=( $(k_arg CODE) $(v_arg CODE)) # Args for do upload -c_args+=( $(k_arg ENV) $(v_arg ENV)) +CC_ARGS+=( $(k_arg ENV) $(v_arg ENV)) OLDIFS=$IFS;IFS=, -c_args+=( $(k_arg BRANCH) $(v_arg BRANCH)) -c_args+=( $(k_arg BUILD) $(v_arg BUILD)) -c_args+=( $(k_arg BUILD_URL) $(v_arg BUILD_URL)) -c_args+=( $(k_arg DIR) $(v_arg DIR)) -c_args+=( $(write_bool_args CC_DISABLE_FILE_FIXES) ) -c_args+=( $(write_bool_args CC_DISABLE_SEARCH) ) -c_args+=( $(write_bool_args CC_DRY_RUN) ) +CC_ARGS+=( $(k_arg BRANCH) $(v_arg BRANCH)) +CC_ARGS+=( $(k_arg BUILD) $(v_arg BUILD)) +CC_ARGS+=( $(k_arg BUILD_URL) $(v_arg BUILD_URL)) +CC_ARGS+=( $(k_arg DIR) $(v_arg DIR)) +CC_ARGS+=( $(write_bool_args CC_DISABLE_FILE_FIXES) ) +CC_ARGS+=( $(write_bool_args CC_DISABLE_SEARCH) ) +CC_ARGS+=( $(write_bool_args CC_DRY_RUN) ) if [ -n "$CC_EXCLUDES" ]; then for directory in $CC_EXCLUDES; do - c_args+=( "--exclude" "$directory" ) + CC_ARGS+=( "--exclude" "$directory" ) done fi if [ -n "$CC_FILES" ]; then for file in $CC_FILES; do - c_args+=( "--file" "$file" ) + CC_ARGS+=( "--file" "$file" ) done fi if [ -n "$CC_FLAGS" ]; then for flag in $CC_FLAGS; do - c_args+=( "--flag" "$flag" ) + CC_ARGS+=( "--flag" "$flag" ) done fi -c_args+=( $(k_arg GCOV_ARGS) $(v_arg GCOV_ARGS)) -c_args+=( $(k_arg GCOV_EXECUTABLE) $(v_arg GCOV_EXECUTABLE)) -c_args+=( $(k_arg GCOV_IGNORE) $(v_arg GCOV_IGNORE)) -c_args+=( $(k_arg GCOV_INCLUDE) $(v_arg GCOV_INCLUDE)) -c_args+=( $(write_bool_args CC_HANDLE_NO_REPORTS_FOUND) ) -c_args+=( $(write_bool_args CC_RECURSE_SUBMODULES) ) -c_args+=( $(k_arg JOB_CODE) $(v_arg JOB_CODE)) -c_args+=( $(write_bool_args CC_LEGACY) ) +CC_ARGS+=( $(k_arg GCOV_ARGS) $(v_arg GCOV_ARGS)) +CC_ARGS+=( $(k_arg GCOV_EXECUTABLE) $(v_arg GCOV_EXECUTABLE)) +CC_ARGS+=( $(k_arg GCOV_IGNORE) $(v_arg GCOV_IGNORE)) +CC_ARGS+=( $(k_arg GCOV_INCLUDE) $(v_arg GCOV_INCLUDE)) +CC_ARGS+=( $(write_bool_args CC_HANDLE_NO_REPORTS_FOUND) ) +CC_ARGS+=( $(write_bool_args CC_RECURSE_SUBMODULES) ) +CC_ARGS+=( $(k_arg JOB_CODE) $(v_arg JOB_CODE)) +CC_ARGS+=( $(write_bool_args CC_LEGACY) ) if [ -n "$CC_NAME" ]; then - c_args+=( "--name" "$CC_NAME" ) + CC_ARGS+=( "--name" "$CC_NAME" ) fi -c_args+=( $(k_arg NETWORK_FILTER) $(v_arg NETWORK_FILTER)) -c_args+=( $(k_arg NETWORK_PREFIX) $(v_arg NETWORK_PREFIX)) -c_args+=( $(k_arg NETWORK_ROOT_FOLDER) $(v_arg NETWORK_ROOT_FOLDER)) +CC_ARGS+=( $(k_arg NETWORK_FILTER) $(v_arg NETWORK_FILTER)) +CC_ARGS+=( $(k_arg NETWORK_PREFIX) $(v_arg NETWORK_PREFIX)) +CC_ARGS+=( $(k_arg NETWORK_ROOT_FOLDER) $(v_arg NETWORK_ROOT_FOLDER)) if [ -n "$CC_PLUGINS" ]; then for plugin in $CC_PLUGINS; do - c_args+=( "--plugin" "$plugin" ) + CC_ARGS+=( "--plugin" "$plugin" ) done fi -c_args+=( $(k_arg REPORT_TYPE) $(v_arg REPORT_TYPE)) -c_args+=( $(k_arg SWIFT_PROJECT) $(v_arg SWIFT_PROJECT)) +CC_ARGS+=( $(k_arg REPORT_TYPE) $(v_arg REPORT_TYPE)) +CC_ARGS+=( $(k_arg SWIFT_PROJECT) $(v_arg SWIFT_PROJECT)) IFS=$OLDIFS elif [ "$CC_RUN_CMD" == "empty-upload" ]; then -c_args+=( $(k_arg BRANCH) $(v_arg BRANCH)) -c_args+=( $(write_bool_args CC_FAIL_ON_ERROR) ) -c_args+=( $(write_bool_args CC_FORCE) ) -c_args+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE)) -c_args+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA)) -c_args+=( $(k_arg PR) $(v_arg PR)) -c_args+=( $(k_arg SHA) $(v_arg SHA)) -c_args+=( $(k_arg SLUG) $(v_arg SLUG)) +CC_ARGS+=( $(k_arg BRANCH) $(v_arg BRANCH)) +CC_ARGS+=( $(write_bool_args CC_FAIL_ON_ERROR) ) +CC_ARGS+=( $(write_bool_args CC_FORCE) ) +CC_ARGS+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE)) +CC_ARGS+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA)) +CC_ARGS+=( $(k_arg PR) $(v_arg PR)) +CC_ARGS+=( $(k_arg SHA) $(v_arg SHA)) +CC_ARGS+=( $(k_arg SLUG) $(v_arg SLUG)) elif [ "$CC_RUN_CMD" == "pr-base-picking" ]; then -c_args+=( $(k_arg BASE_SHA) $(v_arg BASE_SHA)) -c_args+=( $(k_arg PR) $(v_arg PR)) -c_args+=( $(k_arg SLUG) $(v_arg SLUG)) -c_args+=( $(k_arg SERVICE) $(v_arg SERVICE)) +CC_ARGS+=( $(k_arg BASE_SHA) $(v_arg BASE_SHA)) +CC_ARGS+=( $(k_arg PR) $(v_arg PR)) +CC_ARGS+=( $(k_arg SLUG) $(v_arg SLUG)) +CC_ARGS+=( $(k_arg SERVICE) $(v_arg SERVICE)) elif [ "$CC_RUN_CMD" == "send-notifications" ]; then -c_args+=( $(k_arg SHA) $(v_arg SHA)) -c_args+=( $(write_bool_args CC_FAIL_ON_ERROR) ) -c_args+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE)) -c_args+=( $(k_arg SLUG) $(v_arg SLUG)) +CC_ARGS+=( $(k_arg SHA) $(v_arg SHA)) +CC_ARGS+=( $(write_bool_args CC_FAIL_ON_ERROR) ) +CC_ARGS+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE)) +CC_ARGS+=( $(k_arg SLUG) $(v_arg SLUG)) else exit_if_error "Invalid run command specified: $CC_RUN_CMD" exit fi unset NODE_OPTIONS # github.com/codecov/uploader/issues/475 +if [ -n "$CC_TOKEN_VAR" ]; +then + token="$(eval echo \$$CC_TOKEN_VAR)" +else + token="$(eval echo $CC_TOKEN)" +fi +say "$g ->$x Token length: ${#token}" +token_str="" +token_arg=() +if [ -n "$token" ]; +then + token_str+=" -t " + token_arg+=( " -t " "$token") +fi say "$g==>$x Running $CC_RUN_CMD" -say " $b$c_command $(echo "${c_cli_args[@]}") $CC_RUN_CMD$token_str $(echo "${c_args[@]}")$x" -if ! $c_command \ - ${c_cli_args[*]} \ +say " $b$CC_COMMAND $(echo "${CC_CLI_ARGS[@]}") $CC_RUN_CMD$token_str $(echo "${CC_ARGS[@]}")$x" +if ! $CC_COMMAND \ + ${CC_CLI_ARGS[*]} \ ${CC_RUN_CMD} \ ${token_arg[*]} \ - "${c_args[@]}"; + "${CC_ARGS[@]}"; then exit_if_error "Failed to run $CC_RUN_CMD" fi diff --git a/src/scripts b/src/scripts index be39e7f9e..473e29246 160000 --- a/src/scripts +++ b/src/scripts @@ -1 +1 @@ -Subproject commit be39e7f9eb833a3a031858e4bff2424e97000630 +Subproject commit 473e2924695f5dbe1cca4a5f6f8a7182c2ddadc5 diff --git a/src/version b/src/version index 6ffbe8ba8..d50359de1 100644 --- a/src/version +++ b/src/version @@ -1 +1 @@ -5.4.3 +5.5.0