Skip to content

Commit

Permalink
Merge pull request #440 from codecov/2.0.2-token-fixes
Browse files Browse the repository at this point in the history
2.0.2 token fixes
  • Loading branch information
thomasrockhu authored Jul 23, 2021
2 parents 88c796d + 0bbb082 commit 51d8108
Show file tree
Hide file tree
Showing 6 changed files with 50 additions and 38 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
## 2.0.2
### Fixes
- Underlying uploader fixes issues with tokens not being sent properly for users seeing
`Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found`
- #440 fix: Validation ordering

## 2.0.1
### Fixes
- #424 fix: Issue in building all deep dependencies
Expand Down
35 changes: 18 additions & 17 deletions dist/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -12849,7 +12849,7 @@ var core = __nccwpck_require__(2186);
// EXTERNAL MODULE: ./node_modules/@actions/github/lib/github.js
var github = __nccwpck_require__(5438);
;// CONCATENATED MODULE: ./package.json
const package_namespaceObject = {"i8":"2.0.1"};
const package_namespaceObject = {"i8":"2.0.2"};
;// CONCATENATED MODULE: ./src/buildExec.ts


Expand Down Expand Up @@ -13061,22 +13061,23 @@ const verify = (filename) => __awaiter(void 0, void 0, void 0, function* () {
else {
setFailure('Codecov: Error validating SHASUM signature', true);
}
// Verify uploader
const uploaderSha = external_crypto_.createHash(`sha256`);
const stream = external_fs_.createReadStream(filename);
yield stream
.on('data', (data) => {
uploaderSha.update(data);
}).on('end', () => __awaiter(void 0, void 0, void 0, function* () {
const hash = `${uploaderSha.digest('hex')} ${uploaderName}`;
if (hash !== shasum) {
setFailure('Codecov: Uploader shasum does not match ' +
`uploader hash: ${hash}, public hash: ${shasum}`, true);
}
else {
core.info('==> Uploader SHASUM verified');
}
}));
const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
const stream = external_fs_.createReadStream(filename);
const uploaderSha = external_crypto_.createHash(`sha256`);
stream.pipe(uploaderSha);
return new Promise((resolve, reject) => {
stream.on('end', () => resolve(`${uploaderSha.digest('hex')} ${uploaderName}`));
stream.on('error', reject);
});
});
const hash = yield calculateHash(filename);
if (hash === shasum) {
core.info(`==> Uploader SHASUM verified (${hash})`);
}
else {
setFailure('Codecov: Uploader shasum does not match -- ' +
`uploader hash: ${hash}, public hash: ${shasum}`, true);
}
}
catch (err) {
setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
Expand Down
2 changes: 1 addition & 1 deletion dist/index.js.map

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "codecov-action",
"version": "2.0.1",
"version": "2.0.2",
"description": "Upload coverage reports to Codecov from GitHub Actions",
"main": "index.js",
"scripts": {
Expand Down
41 changes: 23 additions & 18 deletions src/validate.ts
Original file line number Diff line number Diff line change
Expand Up @@ -44,24 +44,29 @@ const verify = async (filename: string) => {
setFailure('Codecov: Error validating SHASUM signature', true);
}

// Verify uploader
const uploaderSha = crypto.createHash(`sha256`);
const stream = fs.createReadStream(filename);
await stream
.on('data', (data) => {
uploaderSha.update(data);
}).on('end', async () => {
const hash = `${uploaderSha.digest('hex')} ${uploaderName}`;
if (hash !== shasum) {
setFailure(
'Codecov: Uploader shasum does not match ' +
`uploader hash: ${hash}, public hash: ${shasum}`,
true,
);
} else {
core.info('==> Uploader SHASUM verified');
}
});
const calculateHash = async (filename: string) => {
const stream = fs.createReadStream(filename);
const uploaderSha = crypto.createHash(`sha256`);
stream.pipe(uploaderSha);

return new Promise((resolve, reject) => {
stream.on('end', () => resolve(
`${uploaderSha.digest('hex')} ${uploaderName}`,
));
stream.on('error', reject);
});
};

const hash = await calculateHash(filename);
if (hash === shasum) {
core.info(`==> Uploader SHASUM verified (${hash})`);
} else {
setFailure(
'Codecov: Uploader shasum does not match -- ' +
`uploader hash: ${hash}, public hash: ${shasum}`,
true,
);
}
} catch (err) {
setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
}
Expand Down

0 comments on commit 51d8108

Please sign in to comment.