chore(release): 0.0.13 add verification bypasses

Author: thomasrockhu-codecov

dist/codecov.sh

@@ -38,7 +38,7 @@ def _parse(file):
     return lines
 
 def _shorten_line(line):
-    return line.replace("CODECOV", "CC")
+    return line.replace("CODECOV", "CC").replace("codecov_", "cc_")
 
 def _get_script_from_line(line):
     matcher = r'\s*\. \.\/(\S+\.sh)$'  #. ./version.sh

package.py

@@ -1,29 +1,39 @@
 #!/usr/bin/env bash
 
-family=$(uname -s | tr '[:upper:]' '[:lower:]')
-codecov_os="windows"
-[[ $family == "darwin" ]] && codecov_os="macos"
+if [ -n "$CODECOV_BINARY" ];
+then
+  if [ -f "$CODECOV_BINARY" ];
+  then
+    codecov_filename=$CODECOV_BINARY
+  else
+    exit_if_error "Could not find binary file $CODECOV_BINARY"
+  fi
+else
+  family=$(uname -s | tr '[:upper:]' '[:lower:]')
+  codecov_os="windows"
+  [[ $family == "darwin" ]] && codecov_os="macos"
 
-[[ $family == "linux" ]] && codecov_os="linux"
-[[ $codecov_os == "linux" ]] && \
-  osID=$(grep -e "^ID=" /etc/os-release | cut -c4-)
-[[ $osID == "alpine" ]] && codecov_os="alpine"
-[[ $(arch) == "aarch64" && $family == "linux" ]] && codecov_os+="-arm64"
-say "$g==>$x Detected $b${codecov_os}$x"
-export codecov_os=${codecov_os}
-export codecov_version=${CODECOV_VERSION}
+  [[ $family == "linux" ]] && codecov_os="linux"
+  [[ $codecov_os == "linux" ]] && \
+    osID=$(grep -e "^ID=" /etc/os-release | cut -c4-)
+  [[ $osID == "alpine" ]] && codecov_os="alpine"
+  [[ $(arch) == "aarch64" && $family == "linux" ]] && codecov_os+="-arm64"
+  say "$g==>$x Detected $b${codecov_os}$x"
+  export codecov_os=${codecov_os}
+  export codecov_version=${CODECOV_VERSION}
 
-codecov_filename="codecov"
-[[ $codecov_os == "windows" ]] && codecov_filename+=".exe"
-export codecov_filename=${codecov_filename}
-[[ $codecov_os == "macos" ]]  && \
-  ! command -v gpg 2>&1 >/dev/null && \
-  HOMEBREW_NO_AUTO_UPDATE=1 brew install gpg
-codecov_url="https://cli.codecov.io"
-codecov_url="$codecov_url/${CODECOV_VERSION}"
-codecov_url="$codecov_url/${codecov_os}/${codecov_filename}"
-say "$g ->$x Downloading $b${codecov_url}$x"
-curl -Os $codecov_url
+  codecov_filename="codecov"
+  [[ $codecov_os == "windows" ]] && codecov_filename+=".exe"
+  export codecov_filename=${codecov_filename}
+  [[ $codecov_os == "macos" ]]  && \
+    ! command -v gpg 2>&1 >/dev/null && \
+    HOMEBREW_NO_AUTO_UPDATE=1 brew install gpg
+  codecov_url="https://cli.codecov.io"
+  codecov_url="$codecov_url/${CODECOV_VERSION}"
+  codecov_url="$codecov_url/${codecov_os}/${codecov_filename}"
+  say "$g ->$x Downloading $b${codecov_url}$x"
+  curl -Os $codecov_url
 
-say "$g==>$x Finishing downloading $b${codecov_os}:${CODECOV_VERSION}$x"
-say " "
+  say "$g==>$x Finishing downloading $b${codecov_os}:${CODECOV_VERSION}$x"
+  say " "
+fi

scripts/download.sh

@@ -3,7 +3,6 @@
 . ./version.sh
 . ./set_defaults.sh
 . ./download.sh
-. ./set_validation_key.sh
 . ./validate.sh
 
 . ./set_cli_args.sh

scripts/run.sh

@@ -1,20 +1,20 @@
 #!/usr/bin/env bash
 
-codecov_cli_args=""
+codecov_cli_args=()
 
 if [ -n "$CODECOV_AUTO_LOAD_PARAMS_FROM" ];
 then
-  codecov_cli_args+=" --auto-load-params-from ${CODECOV_AUTO_LOAD_PARAMS_FROM}"
+  codecov_cli_args+=( " --auto-load-params-from " "${CODECOV_AUTO_LOAD_PARAMS_FROM}" )
 fi
 
 if [ -n "$CODECOV_ENTERPRISE_URL" ];
 then
-  codecov_cli_args+=" --enterprise-url ${CODECOV_ENTERPRISE_URL}"
+  codecov_cli_args+=( " --enterprise-url " "${CODECOV_ENTERPRISE_URL}" )
 fi
 
 unset CODECOV_YML_PATH
 if [ -n "$CODECOV_YML_PATH" ];
 then
-  codecov_cli_args+=" --codecov-yml-path ${CODECOV_YML_PATH}"
+  codecov_cli_args+=( " --codecov-yml-path " "${CODECOV_YML_PATH}" )
 fi
 

scripts/set_cli_args.sh

@@ -15,49 +15,40 @@ fi
 say "$g ->$x Token of length ${#token} detected"
 token_str=""
 token_arg=()
-if [ -n $token ];
+if [ -n "$token" ];
 then
   token_str+=" -t <redacted>"
   token_arg+=( " -t " "$token")
 fi
 
-#create commit
 say "$g==>$x Running create-commit"
 say "      $b./$codecov_filename$codecov_cli_args create-commit$token_str$codecov_cc_args$x"
-
 if ! ./$codecov_filename \
-  $codecov_cli_args \
+  ${codecov_cli_args[@]} \
   create-commit \
   ${token_arg[@]} \
   ${codecov_cc_args[@]};
 then
   exit_if_error "Failed to create-commit"
 fi
-
 say " "
 
-#create report
 say "$g==>$x Running create-report"
 say "      $b./$codecov_filename$codecov_cli_args create-commit$token_str$codecov_cr_args$x"
-
 if ! ./$codecov_filename \
-  $codecov_cli_args \
+  ${codecov_cli_args[@]} \
   create-report \
   ${token_arg[@]} \
   ${codecov_cr_args[@]};
 then
   exit_if_error "Failed to create-report"
 fi
-
 say " "
 
-#upload reports
-# alpine doesn't allow for indirect expansion
 say "$g==>$x Running do-upload"
 say "      $b./$codecov_filename$codecov_cli_args do-upload$token_str$codecov_du_args$x"
-
 if ! ./$codecov_filename \
-  $codecov_cli_args \
+  ${codecov_cli_args[@]} \
   do-upload \
   ${token_arg[@]} \
   ${codecov_du_args[@]};

scripts/upload.sh

@@ -1,28 +1,34 @@
 #!/usr/bin/env bash
 
-echo "${CODECOV_PUBLIC_PGP_KEY}"  | \
-  gpg --no-default-keyring --import
-# One-time step
-say "$g==>$x Verifying GPG signature integrity"
-sha_url="https://cli.codecov.io"
-sha_url="${sha_url}/${codecov_version}/${codecov_os}"
-sha_url="${sha_url}/${codecov_filename}.SHA256SUM"
-say "$g ->$x Downloading $b${sha_url}$x"
-say "$g ->$x Downloading $b${sha_url}.sig$x"
-say " "
+if [ "$CODECOV_SKIP_VALIDATION" = "true" ] || [ -n "$CODECOV_BINARY" ];
+then
+  say "$r==>$x Bypassing validation as requested by user"
+else
+  . ./set_validation_key.sh
+  echo "${CODECOV_PUBLIC_PGP_KEY}"  | \
+    gpg --no-default-keyring --import
+  # One-time step
+  say "$g==>$x Verifying GPG signature integrity"
+  sha_url="https://cli.codecov.io"
+  sha_url="${sha_url}/${codecov_version}/${codecov_os}"
+  sha_url="${sha_url}/${codecov_filename}.SHA256SUM"
+  say "$g ->$x Downloading $b${sha_url}$x"
+  say "$g ->$x Downloading $b${sha_url}.sig$x"
+  say " "
 
-curl -Os "$sha_url"
-curl -Os "${sha_url}.sig"
+  curl -Os "$sha_url"
+  curl -Os "${sha_url}.sig"
 
-if ! gpg --verify "${codecov_filename}.SHA256SUM.sig" "${codecov_filename}.SHA256SUM";
-then
-  exit_if_error "Could not verify signature. Please contact Codecov if problem continues"
-fi
+  if ! gpg --verify "${codecov_filename}.SHA256SUM.sig" "${codecov_filename}.SHA256SUM";
+  then
+    exit_if_error "Could not verify signature. Please contact Codecov if problem continues"
+  fi
 
-if ! (shasum -a 256 -c "${codecov_filename}.SHA256SUM" || \
-  sha256sum -c "${codecov_filename}.SHA256SUM");
-then
-  exit_if_error "Could not verify SHASUM. Please contact Codecov if problem continues"
+  if ! (shasum -a 256 -c "${codecov_filename}.SHA256SUM" || \
+    sha256sum -c "${codecov_filename}.SHA256SUM");
+  then
+    exit_if_error "Could not verify SHASUM. Please contact Codecov if problem continues"
+  fi
+  say "$g==>$x CLI integrity verified"
+  say
 fi
-say "$g==>$x CLI integrity verified"
-say

scripts/validate.sh

@@ -1,2 +1,2 @@
 #!/usr/bin/env bash
-CODECOV_WRAPPER_VERSION="0.0.12"
+CODECOV_WRAPPER_VERSION="0.0.13"