Skip to content

Commit

Permalink
fix: Update validation
Browse files Browse the repository at this point in the history
  • Loading branch information
thomasrockhu committed Jul 22, 2021
1 parent 53f686a commit 0bbb082
Show file tree
Hide file tree
Showing 4 changed files with 42 additions and 35 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
### Fixes
- Underlying uploader fixes issues with tokens not being sent properly for users seeing
`Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found`
- #440 fix: Validation ordering

## 2.0.1
### Fixes
Expand Down
33 changes: 17 additions & 16 deletions dist/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -13061,22 +13061,23 @@ const verify = (filename) => __awaiter(void 0, void 0, void 0, function* () {
else {
setFailure('Codecov: Error validating SHASUM signature', true);
}
// Verify uploader
const uploaderSha = external_crypto_.createHash(`sha256`);
const stream = external_fs_.createReadStream(filename);
return yield stream
.on('data', (data) => {
uploaderSha.update(data);
}).on('end', () => __awaiter(void 0, void 0, void 0, function* () {
const hash = `${uploaderSha.digest('hex')} ${uploaderName}`;
if (hash !== shasum) {
setFailure('Codecov: Uploader shasum does not match\n' +
`uploader hash: ${hash}\npublic hash: ${shasum}`, true);
}
else {
core.info('==> Uploader SHASUM verified');
}
}));
const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
const stream = external_fs_.createReadStream(filename);
const uploaderSha = external_crypto_.createHash(`sha256`);
stream.pipe(uploaderSha);
return new Promise((resolve, reject) => {
stream.on('end', () => resolve(`${uploaderSha.digest('hex')} ${uploaderName}`));
stream.on('error', reject);
});
});
const hash = yield calculateHash(filename);
if (hash === shasum) {
core.info(`==> Uploader SHASUM verified (${hash})`);
}
else {
setFailure('Codecov: Uploader shasum does not match -- ' +
`uploader hash: ${hash}, public hash: ${shasum}`, true);
}
}
catch (err) {
setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
Expand Down
2 changes: 1 addition & 1 deletion dist/index.js.map

Large diffs are not rendered by default.

41 changes: 23 additions & 18 deletions src/validate.ts
Original file line number Diff line number Diff line change
Expand Up @@ -44,24 +44,29 @@ const verify = async (filename: string) => {
setFailure('Codecov: Error validating SHASUM signature', true);
}

// Verify uploader
const uploaderSha = crypto.createHash(`sha256`);
const stream = fs.createReadStream(filename);
return await stream
.on('data', (data) => {
uploaderSha.update(data);
}).on('end', async () => {
const hash = `${uploaderSha.digest('hex')} ${uploaderName}`;
if (hash !== shasum) {
setFailure(
'Codecov: Uploader shasum does not match\n' +
`uploader hash: ${hash}\npublic hash: ${shasum}`,
true,
);
} else {
core.info('==> Uploader SHASUM verified');
}
});
const calculateHash = async (filename: string) => {
const stream = fs.createReadStream(filename);
const uploaderSha = crypto.createHash(`sha256`);
stream.pipe(uploaderSha);

return new Promise((resolve, reject) => {
stream.on('end', () => resolve(
`${uploaderSha.digest('hex')} ${uploaderName}`,
));
stream.on('error', reject);
});
};

const hash = await calculateHash(filename);
if (hash === shasum) {
core.info(`==> Uploader SHASUM verified (${hash})`);
} else {
setFailure(
'Codecov: Uploader shasum does not match -- ' +
`uploader hash: ${hash}, public hash: ${shasum}`,
true,
);
}
} catch (err) {
setFailure(`Codecov: Error validating uploader: ${err.message}`, true);
}
Expand Down

0 comments on commit 0bbb082

Please sign in to comment.