fix: fail

.github/workflows/codeql-analysis.yml

@@ -41,7 +41,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3.28.1
+      uses: github/codeql-action/init@v3.27.5
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -52,7 +52,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v3.28.1
+      uses: github/codeql-action/autobuild@v3.27.5
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -66,4 +66,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3.28.1
+      uses: github/codeql-action/analyze@v3.27.5

.github/workflows/main.yml

@@ -22,7 +22,7 @@ jobs:
       - name: Upload coverage to Codecov (script)
         uses: ./
         with:
-          fail_ci_if_error: true
+          fail_ci_if_error: false
           files: ./coverage/script/coverage-final.json
           flags: script-${{ matrix.os }}
           name: codecov-script

.github/workflows/scorecards-analysis.yml

@@ -49,7 +49,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: SARIF file
           path: results.sarif
@@ -57,6 +57,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v3.28.1 # v1.0.26
+        uses: github/codeql-action/upload-sarif@v3.27.5 # v1.0.26
         with:
           sarif_file: results.sarif

CHANGELOG.md

@@ -1,19 +1,3 @@
-## v5.1.2
-
-### What's Changed
-* fix: update statment by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1726
-* fix: update action script by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1725
-* fix: prevent oidc on tokenless due to permissioning by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1724
-* chore(release): wrapper-0.0.31 by @app/codecov-releaser-app in https://github.com/codecov/codecov-action/pull/1723
-* Put quotes around `${{ inputs.token }}` in `action.yml` by @jwodder in https://github.com/codecov/codecov-action/pull/1721
-* build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 by @app/dependabot in https://github.com/codecov/codecov-action/pull/1722
-* Remove mistake from options table by @Acconut in https://github.com/codecov/codecov-action/pull/1718
-* build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 by @app/dependabot in https://github.com/codecov/codecov-action/pull/1717
-
-
-**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.1.1..v5.1.2
-
-
 ## v5.1.1
 ### What's Changed
 

Makefile

@@ -1,5 +1,5 @@
 deploy:
-	$(eval VERSION := $(shell cat src/version))
+	$(eval VERSION := $(shell cat src/version | grep 'CODECOV_ACTION_VERSION=' | cut -d\" -f2))
 	git tag -d v5
 	git push origin :v5
 	git tag v5

README.md

@@ -106,7 +106,8 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | Input  | Description | Required |
 | :---       |     :---     |    :---:   |
 | `binary` | The file location of a pre-downloaded version of the CLI. If specified, integrity checking will be bypassed. | Optional
-| `codecov_yml_path` | The location of the codecov.yml file. This is crrently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be located as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml | Optional
+| `codecov_yml_path` | The location of the codecov.yml file. This is crrently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be locate
+d as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml | Optional
 | `commit_parent` | SHA (with 40 chars) of what should be the parent of this commit. | Optional
 | `directory` | Folder to search for coverage files. Default to the current working directory | Optional
 | `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports | Optional
@@ -117,6 +118,7 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | `exclude` | Comma-separated list of folders to exclude from search. | Optional
 | `fail_ci_if_error` | On error, exit with non-zero code | Optional
 | `files` | Comma-separated explicit list of files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using "disable-search" to disable uploading other files. | Optional
+tional
 | `flags` | Comma-separated list of flags to upload to group coverage metrics. | Optional
 | `git_service` | Override the git_service (e.g. github_enterprise) | Optional
 | `gcov_args` | Extra arguments to pass to gcov | Optional

action.yml

@@ -28,10 +28,6 @@ inputs:
     description: 'Disable setting safe directory. Set to true to disable.'
     required: false
     default: 'false'
-  disable_telem:
-    description: 'Disable sending telemetry data to Codecov. Set to true to disable.'
-    required: false
-    default: 'false'
   dry_run:
     description: "Don't upload files to Codecov"
     required: false
@@ -161,7 +157,7 @@ runs:
     - name: Action version
       shell: bash
       run: |
-        CC_ACTION_VERSION=$(cat ${GITHUB_ACTION_PATH}/src/version)
+        CC_ACTION_VERSION=$(cat ${GITHUB_ACTION_PATH}/src/version | grep 'CODECOV_ACTION_VERSION=' | cut -d\" -f2)
         echo -e "\033[0;32m==>\033[0m Running Action version $CC_ACTION_VERSION"
     - name: Set safe directory
       if: ${{ inputs.disable_safe_directory != 'true' }}
@@ -169,52 +165,31 @@ runs:
       run: |
         git config --global --add safe.directory ${{ github.workspace }}
 
-    - name: Set fork
-      shell: bash
-      run: |
-        CC_FORK="false"
-        if [ -n "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" ] && [ "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" != "$GITHUB_REPOSITORY" ];
-        then
-          echo -e "\033[0;32m==>\033[0m Fork detected"
-          CC_FORK="true"
-        fi
-        echo "CC_FORK=$CC_FORK" >> "$GITHUB_ENV"
-      env:
-        GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL: ${{ github.event.pull_request.head.label }}
-        GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }}
-        GITHUB_REPOSITORY: ${{ github.repository }}
-
-
     - name: Get and set token
       shell: bash
       run: |
-        if [ "${{ inputs.use_oidc }}" == 'true' ] && [ "$CC_FORK" != 'true' ];
+        if [ "${{ inputs.use_oidc }}" == 'true' ];
         then
           # {"count":1984,"value":"***"}
-          echo -e "\033[0;32m==>\033[0m Requesting OIDC token from '$ACTIONS_ID_TOKEN_REQUEST_URL'"
-          CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=$CC_OIDC_AUDIENCE" | cut -d\" -f6)
+          CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=https://codecov.io" | cut -d\" -f6)
           echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
         elif [ -n "${{ env.CODECOV_TOKEN }}" ];
         then
-          echo -e "\033[0;32m==>\033[0m Token set from env"
             echo "CC_TOKEN=${{ env.CODECOV_TOKEN }}" >> "$GITHUB_ENV"
         else
-          if [ -n "${{ inputs.token }}" ];
+          if [ -n ${{ inputs.token }} ];
           then
-            echo -e "\033[0;32m==>\033[0m Token set from input"
             CC_TOKEN=$(echo "${{ inputs.token }}" | tr -d '\n')
             echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
           fi
         fi
-      env:
-        CC_OIDC_AUDIENCE: ${{ inputs.url || 'https://codecov.io' }}
 
     - name: Override branch for forks
       shell: bash
       run: |
-        if [ -z "$CC_BRANCH" ] && [ -z "$CC_TOKEN" ] && [ "$CC_FORK" == 'true' ]
+        if [ -z "$CC_BRANCH" ] && [ -z "$CC_TOKEN" ] && [ -n "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" ] && [ "${GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME}" != "$GITHUB_REPOSITORY" ];
         then
-          echo -e "\033[0;32m==>\033[0m Fork detected, setting branch to $GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
+          echo -e "\033[0;32m==>\033[0m Fork detected, tokenless uploading used"
           TOKENLESS="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
           CC_BRANCH="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
           echo "TOKENLESS=$TOKENLESS" >> "$GITHUB_ENV"
@@ -260,7 +235,6 @@ runs:
         CC_DIR: ${{ inputs.directory }}
         CC_DISABLE_FILE_FIXES: ${{ inputs.disable_file_fixes }}
         CC_DISABLE_SEARCH: ${{ inputs.disable_search }}
-        CC_DISABLE_TELEM: ${{ inputs.disable_telem }}
         CC_DRY_RUN: ${{ inputs.dry_run }}
         CC_ENTERPRISE_URL: ${{ inputs.url }}
         CC_ENV: ${{ inputs.env_vars }}
@@ -290,3 +264,14 @@ runs:
         CC_VERBOSE: ${{ inputs.verbose }}
         CC_VERSION: ${{ inputs.version }}
         CC_YML_PATH: ${{ inputs.codecov_yml_path }}
+
+    - name: Error
+      shell: bash
+      run: exit 1
+
+    - name: Gracefully exit
+      if: ${{ failure() && inputs.fail_ci_if_error != 'true' }}
+      shell: bash
+      run: |
+        echo -e "\033[0;32m==>\033[0m Exiting gracefully..."
+        exit 0

changelog.py

@@ -4,7 +4,8 @@ import subprocess
 
 def update_changelog():
     with open('src/version', 'r') as f:
-        version = f.read()
+        raw_version = f.read()
+    version = re.search('\"(.*)\"', raw_version).groups()[0]
     changelog = [f"## v{version}"]
     changelog.append("### What\'s Changed")
 

dist/codecov.sh

@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-CC_WRAPPER_VERSION="0.0.32"
+CC_WRAPPER_VERSION="0.0.30"
 set +u
 say() {
   echo -e "$1"
@@ -52,7 +52,6 @@ then
   if [ -f "$CC_BINARY" ];
   then
     cc_filename=$CC_BINARY
-    cc_command=$CC_BINARY
   else
     exit_if_error "Could not find binary file $CC_BINARY"
   fi
@@ -60,30 +59,34 @@ else
   if [ -n "$CC_OS" ];
   then
     say "$g==>$x Overridden OS: $b${CC_OS}$x"
+    export cc_os=${CC_OS}
   else
-    CC_OS="windows"
+    CC_OS="linux"
     family=$(uname -s | tr '[:upper:]' '[:lower:]')
-    [[ $family == "darwin" ]] && CC_OS="macos"
-    [[ $family == "linux" ]] && CC_OS="linux"
-    [[ $CC_OS == "linux" ]] && \
+    cc_os="windows"
+    [[ $family == "darwin" ]] && cc_os="macos"
+    [[ $family == "linux" ]] && cc_os="linux"
+    [[ $cc_os == "linux" ]] && \
       osID=$(grep -e "^ID=" /etc/os-release | cut -c4-)
-    [[ $osID == "alpine" ]] && CC_OS="alpine"
-    [[ $(arch) == "aarch64" && $family == "linux" ]] && CC_OS+="-arm64"
-    say "$g==>$x Detected $b${CC_OS}$x"
+    [[ $osID == "alpine" ]] && cc_os="alpine"
+    [[ $(arch) == "aarch64" && $family == "linux" ]] && cc_os+="-arm64"
+    say "$g==>$x Detected $b${cc_os}$x"
+    export cc_os=${cc_os}
   fi
+  export cc_version=${CC_VERSION}
   cc_filename="codecov"
-  [[ $CC_OS == "windows" ]] && cc_filename+=".exe"
-  cc_command="./$cc_filename"
-  [[ $CC_OS == "macos" ]]  && \
+  [[ $cc_os == "windows" ]] && cc_filename+=".exe"
+  export cc_filename=${cc_filename}
+  [[ $cc_os == "macos" ]]  && \
     ! command -v gpg 2>&1 >/dev/null && \
     HOMEBREW_NO_AUTO_UPDATE=1 brew install gpg
   cc_url="https://cli.codecov.io"
   cc_url="$cc_url/${CC_VERSION}"
-  cc_url="$cc_url/${CC_OS}/${cc_filename}"
+  cc_url="$cc_url/${cc_os}/${cc_filename}"
   say "$g ->$x Downloading $b${cc_url}$x"
   curl -Os "$cc_url"
-  say "$g==>$x Finishing downloading $b${CC_OS}:${CC_VERSION}$x"
-  version_url="https://cli.codecov.io/api/${CC_OS}/${CC_VERSION}"
+  say "$g==>$x Finishing downloading $b${cc_os}:${CC_VERSION}$x"
+  version_url="https://cli.codecov.io/api/${cc_os}/${CC_VERSION}"
   version=$(curl -s "$version_url" -H "Accept:application/json" | jq -r '.version')
   say "      Version: $b$version$x"
   say " "
@@ -98,7 +101,7 @@ CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
   # One-time step
   say "$g==>$x Verifying GPG signature integrity"
   sha_url="https://cli.codecov.io"
-  sha_url="${sha_url}/${CC_VERSION}/${CC_OS}"
+  sha_url="${sha_url}/${cc_version}/${cc_os}"
   sha_url="${sha_url}/${cc_filename}.SHA256SUM"
   say "$g ->$x Downloading $b${sha_url}$x"
   say "$g ->$x Downloading $b${sha_url}.sig$x"
@@ -117,15 +120,6 @@ CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
   say "$g==>$x CLI integrity verified"
   say
 fi
-if [ -n "$CC_BINARY_LOCATION" ];
-then
-  mkdir -p "$CC_BINARY_LOCATION" && mv "$cc_filename" $_
-  say "$g==>$x Codecov binary moved to ${CC_BINARY_LOCATION}"
-fi
-if [ "$CC_DOWNLOAD_ONLY" = "true" ];
-then
-  say "$g==>$x Codecov download only called. Exiting..."
-fi
 cc_cli_args=()
 cc_cli_args+=( $(k_arg AUTO_LOAD_PARAMS_FROM) $(v_arg AUTO_LOAD_PARAMS_FROM))
 cc_cli_args+=( $(k_arg ENTERPRISE_URL) $(v_arg ENTERPRISE_URL))
@@ -134,7 +128,6 @@ then
   cc_cli_args+=( "--codecov-yml-path" )
   cc_cli_args+=( "$CC_YML_PATH" )
 fi
-cc_cli_args+=( $(write_truthy_args CC_DISABLE_TELEM) )
 cc_cli_args+=( $(write_truthy_args CC_VERBOSE) )
 cc_uc_args=()
 # Args for create commit
@@ -199,7 +192,7 @@ cc_uc_args+=( $(k_arg SWIFT_PROJECT) $(v_arg SWIFT_PROJECT))
 IFS=$OLDIFS
 unset NODE_OPTIONS
 # See https://github.com/codecov/uploader/issues/475
-chmod +x $cc_command
+chmod +x $cc_filename
 if [ -n "$CC_TOKEN_VAR" ];
 then
   token="$(eval echo \$$CC_TOKEN_VAR)"
@@ -215,8 +208,8 @@ then
   token_arg+=( " -t " "$token")
 fi
 say "$g==>$x Running upload-coverage"
-say "      $b$cc_command $(echo "${cc_cli_args[@]}") upload-coverage$token_str $(echo "${cc_uc_args[@]}")$x"
-if ! $cc_command \
+say "      $b./$cc_filename $(echo "${cc_cli_args[@]}") upload-coverage$token_str $(echo "${cc_uc_args[@]}")$x"
+if ! ./$cc_filename \
   ${cc_cli_args[*]} \
   upload-coverage \
   ${token_arg[*]} \

src/version

@@ -1 +1 @@
-5.1.2
+CODECOV_ACTION_VERSION="5.1.1"