Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add use_oidc #90

Closed
wants to merge 2 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
150 changes: 89 additions & 61 deletions dist/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -32084,8 +32084,72 @@ var exec = __nccwpck_require__(1514);
var core = __nccwpck_require__(2186);
// EXTERNAL MODULE: ./node_modules/@actions/github/lib/github.js
var github = __nccwpck_require__(5438);
;// CONCATENATED MODULE: ./src/helpers.ts

const PLATFORMS = [
'linux',
'macos',
'windows',
'alpine',
'linux-arm64',
'alpine-arm64',
];
const setFailure = (message, failCi) => {
failCi ? core.setFailed(message) : core.warning(message);
if (failCi) {
process.exit();
}
};
const getUploaderName = (platform) => {
if (isWindows(platform)) {
return 'codecov.exe';
}
else {
return 'codecov';
}
};
const isValidPlatform = (platform) => {
return PLATFORMS.includes(platform);
};
const isWindows = (platform) => {
return platform === 'windows';
};
const getPlatform = (os) => {
var _a;
if (isValidPlatform(os)) {
core.info(`==> ${os} OS provided`);
return os;
}
const platform = (_a = process.env.RUNNER_OS) === null || _a === void 0 ? void 0 : _a.toLowerCase();
if (isValidPlatform(platform)) {
core.info(`==> ${platform} OS detected`);
return platform;
}
core.info('==> Could not detect OS or provided OS is invalid. Defaulting to linux');
return 'linux';
};
const getBaseUrl = (platform, version) => {
return `https://cli.codecov.io/${version}/${platform}/${getUploaderName(platform)}`;
};
const getCommand = (filename, generalArgs, command) => {
const fullCommand = [filename, ...generalArgs, command];
core.info(`==> Running command '${fullCommand.join(' ')}'`);
return fullCommand;
};


;// CONCATENATED MODULE: ./src/buildExec.ts
/* eslint-disable @typescript-eslint/no-explicit-any */
var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};



const context = github.context;
Expand Down Expand Up @@ -32113,6 +32177,24 @@ const buildGeneralExec = () => {
}
return { args, verbose };
};
const getToken = () => __awaiter(void 0, void 0, void 0, function* () {
let token = core.getInput('token');
let url = core.getInput('url');
const useOIDC = isTrue(core.getInput('use_oidc'));
if (useOIDC) {
if (!url) {
url = 'https://codecov.io';
}
try {
token = yield core.getIDToken(url);
return Promise.resolve(token);
}
catch (err) {
setFailure(`Codecov: Failed to get OIDC token with url: ${url}. ${err.message}`, true);
}
}
return token;
});
const buildUploadExec = () => {
const disableSearch = isTrue(core.getInput('disable_search'));
const dryRun = isTrue(core.getInput('dry_run'));
Expand All @@ -32134,7 +32216,7 @@ const buildUploadExec = () => {
const rootDir = core.getInput('root_dir');
const searchDir = core.getInput('directory');
const slug = core.getInput('slug');
const token = core.getInput('token');
const token = getToken();
let uploaderVersion = core.getInput('version');
const workingDir = core.getInput('working-directory');
const uploadExecArgs = [];
Expand Down Expand Up @@ -32245,60 +32327,6 @@ const buildUploadExec = () => {
};


;// CONCATENATED MODULE: ./src/helpers.ts

const PLATFORMS = [
'linux',
'macos',
'windows',
'alpine',
'linux-arm64',
'alpine-arm64',
];
const setFailure = (message, failCi) => {
failCi ? core.setFailed(message) : core.warning(message);
if (failCi) {
process.exit();
}
};
const getUploaderName = (platform) => {
if (isWindows(platform)) {
return 'codecov.exe';
}
else {
return 'codecov';
}
};
const isValidPlatform = (platform) => {
return PLATFORMS.includes(platform);
};
const isWindows = (platform) => {
return platform === 'windows';
};
const getPlatform = (os) => {
var _a;
if (isValidPlatform(os)) {
core.info(`==> ${os} OS provided`);
return os;
}
const platform = (_a = process.env.RUNNER_OS) === null || _a === void 0 ? void 0 : _a.toLowerCase();
if (isValidPlatform(platform)) {
core.info(`==> ${platform} OS detected`);
return platform;
}
core.info('==> Could not detect OS or provided OS is invalid. Defaulting to linux');
return 'linux';
};
const getBaseUrl = (platform, version) => {
return `https://cli.codecov.io/${version}/${platform}/${getUploaderName(platform)}`;
};
const getCommand = (filename, generalArgs, command) => {
const fullCommand = [filename, ...generalArgs, command];
core.info(`==> Running command '${fullCommand.join(' ')}'`);
return fullCommand;
};


;// CONCATENATED MODULE: external "node:child_process"
const external_node_child_process_namespaceObject = require("node:child_process");
;// CONCATENATED MODULE: external "node:crypto"
Expand All @@ -32310,7 +32338,7 @@ const external_node_path_namespaceObject = require("node:path");
// EXTERNAL MODULE: ./node_modules/undici/index.js
var undici = __nccwpck_require__(1773);
;// CONCATENATED MODULE: ./src/validate.ts
var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
var validate_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
Expand All @@ -32326,7 +32354,7 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume



const verify = (filename, platform, version, verbose, failCi) => __awaiter(void 0, void 0, void 0, function* () {
const verify = (filename, platform, version, verbose, failCi) => validate_awaiter(void 0, void 0, void 0, function* () {
try {
const uploaderName = getUploaderName(platform);
// Get SHASUM and SHASUM signature files
Expand All @@ -32343,8 +32371,8 @@ const verify = (filename, platform, version, verbose, failCi) => __awaiter(void
console.log(`Received SHA256SUM signature ${shaSig}`);
}
yield external_node_fs_namespaceObject.writeFileSync(external_node_path_namespaceObject.join(__dirname, `${uploaderName}.SHA256SUM.sig`), shaSig);
const validateSha = () => __awaiter(void 0, void 0, void 0, function* () {
const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
const validateSha = () => validate_awaiter(void 0, void 0, void 0, function* () {
const calculateHash = (filename) => validate_awaiter(void 0, void 0, void 0, function* () {
const stream = external_node_fs_namespaceObject.createReadStream(filename);
const uploaderSha = external_node_crypto_namespaceObject.createHash(`sha256`);
stream.pipe(uploaderSha);
Expand All @@ -32362,7 +32390,7 @@ const verify = (filename, platform, version, verbose, failCi) => __awaiter(void
`uploader hash: ${hash}, public hash: ${shasum}`, failCi);
}
});
const verifySignature = () => __awaiter(void 0, void 0, void 0, function* () {
const verifySignature = () => validate_awaiter(void 0, void 0, void 0, function* () {
const args = [
'--logger-fd',
'1',
Expand All @@ -32377,7 +32405,7 @@ const verify = (filename, platform, version, verbose, failCi) => __awaiter(void
setFailure(`Codecov: Error verifying gpg signature: ${err.message}`, failCi);
}
});
const importKey = () => __awaiter(void 0, void 0, void 0, function* () {
const importKey = () => validate_awaiter(void 0, void 0, void 0, function* () {
const args = [
'--logger-fd',
'1',
Expand Down
2 changes: 1 addition & 1 deletion dist/index.js.map

Large diffs are not rendered by default.

52 changes: 0 additions & 52 deletions dist/pgp_keys.asc

This file was deleted.

27 changes: 26 additions & 1 deletion src/buildExec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,10 @@
import * as core from '@actions/core';
import * as github from '@actions/github';

import {
setFailure,
} from './helpers';


const context = github.context;

Expand Down Expand Up @@ -36,6 +40,27 @@ const buildGeneralExec = () => {
return {args, verbose};
};

const getToken = async (): Promise<string> => {
let token = core.getInput('token');
let url = core.getInput('url');
const useOIDC = isTrue(core.getInput('use_oidc'));
if (useOIDC) {
if (!url) {
url = 'https://codecov.io';
}
try {
token = await core.getIDToken(url);
return Promise.resolve(token);
} catch (err) {
setFailure(
`Codecov: Failed to get OIDC token with url: ${url}. ${err.message}`,
true,
);
}
}
return token;
};

const buildUploadExec = () => {
const disableSearch = isTrue(core.getInput('disable_search'));
const dryRun = isTrue(core.getInput('dry_run'));
Expand All @@ -57,7 +82,7 @@ const buildUploadExec = () => {
const rootDir = core.getInput('root_dir');
const searchDir = core.getInput('directory');
const slug = core.getInput('slug');
const token = core.getInput('token');
const token = getToken();
let uploaderVersion = core.getInput('version');
const workingDir = core.getInput('working-directory');

Expand Down
Loading