From dc37967ab12c24dba3d28f4c12926d9dbfbc3a4d Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Fri, 6 Sep 2024 20:59:40 -0700 Subject: [PATCH 1/9] [TESTS] Initial hardening with pinned dependencies (- WIP #40 -) Notible change: introduced a new config for test environment's dependancies with `test-requirements.txt` --- .circleci/config.yml | 27 +++++----------------- .github/workflows/Tests.yml | 45 +++++++++++++------------------------ test-requirements.txt | 34 ++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+), 51 deletions(-) create mode 100644 test-requirements.txt diff --git a/.circleci/config.yml b/.circleci/config.yml index d8cdcc1..2e22ae8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -29,14 +29,9 @@ jobs: when: on_success - run: shell: /bin/bash - name: "install coverage attempt" + name: "install test extras attempt" command: | - python3 -m pip install --user coverage || true - - run: - name: "install flake8 attempt" - command: | - python3 -m pip install --user flake8 || true - when: on_success + python3 -m pip install --user -r ./test-requirements.txt || true - save_cache: key: v1-repo-{{ .Environment.CIRCLE_SHA1 }} paths: @@ -61,12 +56,6 @@ jobs: steps: - restore_cache: key: v1-repo-{{ .Environment.CIRCLE_SHA1 }} - - run: - shell: /bin/bash - name: "clean up for test" - command: | - python3 -m pip install --user coverage || true - when: on_success - run: shell: /bin/bash name: "clean up for test" @@ -111,17 +100,11 @@ jobs: steps: - restore_cache: key: v1-repo-{{ .Environment.CIRCLE_SHA1 }} - - run: - shell: /bin/bash - name: "clean up for test" - command: | - python3 -m pip install --user coverage || true - when: on_success - run: shell: /bin/bash name: "setup up for pytest" command: | - python3 -m pip install --user pytest || true + python3 -m pip install --upgrade --user -r ./test-requirements.txt || true when: on_success - run: shell: /bin/bash @@ -168,9 +151,9 @@ jobs: - restore_cache: key: v1-repo-{{ .Environment.CIRCLE_SHA1 }} - run: - name: "install flake8 attempt" + name: "install linters extras attempt" command: | - python3 -m pip install --user flake8 || true + python3 -m pip install --upgrade --user -r ./test-requirements.txt || true - run: shell: /bin/bash name: "clean up for test" diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index b850cbf..8d3e71e 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -93,8 +93,9 @@ jobs: python-version: ${{ matrix.python-version }} - name: Setup dependencies run: | - python -m pip install --upgrade pip setuptools wheel + python -m pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" pip install -r ./requirements.txt + pip install --user -r ./test-requirements.txt || true - name: Pre-build id: bootstrap run: | @@ -151,8 +152,8 @@ jobs: python-version: ${{ matrix.python-version }} - name: Install dependencies for ${{ matrix.python-version }} run: | - pip install -r ./requirements.txt ; - pip install coverage || true ; + pip install -r ./requirements.txt + pip install --user -r ./test-requirements.txt || true - name: Pre-Clean id: clean run: make -j1 -f Makefile clean || true ; @@ -198,11 +199,9 @@ jobs: python-version: ${{ matrix.python-version }} - name: Install dependencies for python ${{ matrix.python-version }} on ${{ matrix.os }} run: | - pip install --upgrade --upgrade-strategy eager pip setuptools wheel ; - pip install --upgrade --upgrade-strategy eager -r ./requirements.txt ; - pip install --upgrade --upgrade-strategy eager pytest ; - pip install --upgrade --upgrade-strategy eager pytest-cov ; - pip install --upgrade --upgrade-strategy eager coverage ; + pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" + pip install -r ./requirements.txt + pip install --user -r ./test-requirements.txt || true - name: Install code-climate tools for ${{ matrix.python-version }} if: ${{ runner.os }} == "Linux" shell: bash @@ -282,11 +281,9 @@ jobs: python-version: ${{ matrix.python-version }} - name: Install dependencies for python ${{ matrix.python-version }} on ${{ matrix.os }} run: | - pip install --upgrade --upgrade-strategy eager pip setuptools wheel ; - pip install --upgrade --upgrade-strategy eager -r ./requirements.txt ; - pip install --upgrade --upgrade-strategy eager pytest ; - pip install --upgrade --upgrade-strategy eager pytest-cov ; - pip install --upgrade --upgrade-strategy eager coverage ; + pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ; + pip install -r ./requirements.txt ; + pip install --user -r ./test-requirements.txt || true ; - name: Install code-climate tools for ${{ matrix.python-version }} if: ${{ runner.os }} == "Linux" shell: bash @@ -357,11 +354,9 @@ jobs: python-version: "3.10" - name: Install dependencies for python Linters run: | - pip install --upgrade pip setuptools wheel + pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ; pip install -r ./requirements.txt ; - pip install flake8 ; - pip install pyflakes ; - pip install pep8 ; + pip install --user -r ./test-requirements.txt || true ; - name: Pre-Clean id: clean run: make -j1 -f Makefile clean || true ; @@ -403,11 +398,9 @@ jobs: python-version: ${{ matrix.python-version }} - name: Install dependencies for python ${{ matrix.python-version }} on ${{ matrix.os }} run: | - pip install --upgrade pip setuptools wheel + pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ; pip install -r ./requirements.txt ; - pip install coverage ; - pip install pytest ; - pip install pytest-cov ; + pip install --user -r ./test-requirements.txt || true ; - name: Install code-climate tools for ${{ matrix.python-version }} if: ${{ runner.os }} != "Linux" run: | @@ -477,15 +470,9 @@ jobs: python-version: "3.10" - name: Install dependencies for Tox run: | - pip install --upgrade pip setuptools wheel tox + pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" "tox>=3.0"; pip install -r ./requirements.txt ; - pip install coverage ; - pip install codecov ; - pip install flake8 ; - pip install pyflakes ; - pip install pep8 ; - pip install tox ; - pip install six ; + pip install --user -r ./test-requirements.txt || true ; - name: Pre-Clean id: clean run: make -j1 -f Makefile clean || true ; diff --git a/test-requirements.txt b/test-requirements.txt new file mode 100644 index 0000000..ba0fc59 --- /dev/null +++ b/test-requirements.txt @@ -0,0 +1,34 @@ +#python +# time - builtin - PSF licence +# re - builtin - PSF licence? +# subprocess - PSF licence +# sphinx +# argparse - builtin - PSF licence +argparse>=1.4.0 +# argparse - builtin - PSF licence +setuptools>=38.0 +# virtualenv - MIT +virtualenv>=15.0.1 +# six - MIT +six>=1.0.0 +# pgpy - BSD 3-Clause licensed +#pgpy>=0.4.1 +tox>=3.0.0 +#py>=1.4.33 +# pip>=19.0 +### +# TESTING ONLY - Do NOT report issues with these optionals on python-repo +### +flake8>=5.0 +pyflakes>=2.5.0 +pep8>=1.0 +pytest>=7 +pytest-checkdocs>=2.4 +pytest-cov>=5.0.0 +pytest-enabler>=3.2.0 +pytest-flake8>=1.0 +coverage >= 6.3 +pytest-cov >= 4.0.0; +pytest-enabler >= 1.0.1 +wheel >= 0.37.0 +pip >= 21.0 From 507029d700bb36676df7999baa7d15544f4cf3bf Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Fri, 6 Sep 2024 22:06:25 -0700 Subject: [PATCH 2/9] [REGRESSION] Revert test-requirement of pytest-cov back down to v4+ to continue to support Python 3.7 in CI --- test-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-requirements.txt b/test-requirements.txt index ba0fc59..6f3a909 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -24,7 +24,7 @@ pyflakes>=2.5.0 pep8>=1.0 pytest>=7 pytest-checkdocs>=2.4 -pytest-cov>=5.0.0 +pytest-cov>=4.0.0 pytest-enabler>=3.2.0 pytest-flake8>=1.0 coverage >= 6.3 From 2c020f6a2af529f0e3af9f2edb3778860357044c Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Fri, 6 Sep 2024 22:10:40 -0700 Subject: [PATCH 3/9] [REGRESSION] revert pytyest-enabler back to v1.0.1 in CI to continue support of pre-v3.8 python (- WIP #40 -) --- test-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-requirements.txt b/test-requirements.txt index 6f3a909..e370cb1 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -25,7 +25,7 @@ pep8>=1.0 pytest>=7 pytest-checkdocs>=2.4 pytest-cov>=4.0.0 -pytest-enabler>=3.2.0 +pytest-enabler>=1.0.1 pytest-flake8>=1.0 coverage >= 6.3 pytest-cov >= 4.0.0; From 715705c7c855b6e558376aa25ad263988b86792d Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Sat, 7 Sep 2024 00:41:45 -0700 Subject: [PATCH 4/9] [TESTS] Testing prototype tool to fetch and verify the cc-test-reporter (- WIP #40 -) Testing only AMD64 for linux and darwin latest. Once working we can look at figuring out arm64. --- .github/workflows/Tests.yml | 21 ++--- tests/fetch_cc-test-reporter | 166 +++++++++++++++++++++++++++++++++++ 2 files changed, 172 insertions(+), 15 deletions(-) create mode 100644 tests/fetch_cc-test-reporter diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index 8d3e71e..0824f03 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -203,12 +203,9 @@ jobs: pip install -r ./requirements.txt pip install --user -r ./test-requirements.txt || true - name: Install code-climate tools for ${{ matrix.python-version }} - if: ${{ runner.os }} == "Linux" + if: ${{ runner.os }} != "Linux" shell: bash - run: | - if [ $OS == ubuntu-latest ] ; then curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter || true ; fi ; - if [ $OS == ubuntu-latest ] ; then chmod +x ./cc-test-reporter 2>/dev/null || true ; fi - if [ $OS == ubuntu-latest ] ; then ./cc-test-reporter before-build || true ; fi + run: if [ $OS == macos-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; - name: Install deepsource tools for ${{ matrix.python-version }} if: ${{ runner.os }} == "Linux" shell: bash @@ -240,10 +237,10 @@ jobs: path: ./test-reports/ if-no-files-found: ignore - name: code-climate for ${{ matrix.python-version }} - if: ${{ runner.os }} == "Linux" + if: ${{ runner.os }} != "Linux" shell: bash run: | - if [ $OS == ubuntu-latest ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; + if [ $OS == macos-latest ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; - name: deepsource for ${{ matrix.python-version }} if: ${{ runner.os }} == "Linux" shell: bash @@ -287,10 +284,7 @@ jobs: - name: Install code-climate tools for ${{ matrix.python-version }} if: ${{ runner.os }} == "Linux" shell: bash - run: | - if [ $OS == ubuntu-latest ] ; then curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter || true ; fi ; - if [ $OS == ubuntu-latest ] ; then chmod +x ./cc-test-reporter 2>/dev/null || true ; fi - if [ $OS == ubuntu-latest ] ; then ./cc-test-reporter before-build || true ; fi + run: if [ $OS == ubuntu-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; - name: Install deepsource tools for ${{ matrix.python-version }} if: ${{ runner.os }} == "Linux" shell: bash @@ -403,10 +397,7 @@ jobs: pip install --user -r ./test-requirements.txt || true ; - name: Install code-climate tools for ${{ matrix.python-version }} if: ${{ runner.os }} != "Linux" - run: | - if [ $OS == macos-latest ] ; then curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-darwin-amd64 > ./cc-test-reporter || true ; fi ; - if [ $OS == macos-latest ] ; then chmod +x ./cc-test-reporter 2>/dev/null || true ; fi - if [ $OS == macos-latest ] ; then ./cc-test-reporter before-build || true ; fi + run: if [ $OS == macos-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; shell: bash - name: Pre-Clean id: clean-prep diff --git a/tests/fetch_cc-test-reporter b/tests/fetch_cc-test-reporter new file mode 100644 index 0000000..7aed037 --- /dev/null +++ b/tests/fetch_cc-test-reporter @@ -0,0 +1,166 @@ +#! /bin/bash +# Disclaimer of Warranties. +# A. YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT, TO THE EXTENT PERMITTED BY +# APPLICABLE LAW, USE OF THIS SHELL SCRIPT AND ANY SERVICES PERFORMED +# BY OR ACCESSED THROUGH THIS SHELL SCRIPT IS AT YOUR SOLE RISK AND +# THAT THE ENTIRE RISK AS TO SATISFACTORY QUALITY, PERFORMANCE, ACCURACY AND +# EFFORT IS WITH YOU. +# +# B. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THIS SHELL SCRIPT +# AND SERVICES ARE PROVIDED "AS IS" AND “AS AVAILABLE”, WITH ALL FAULTS AND +# WITHOUT WARRANTY OF ANY KIND, AND THE AUTHOR OF THIS SHELL SCRIPT'S LICENSORS +# (COLLECTIVELY REFERRED TO AS "THE AUTHOR" FOR THE PURPOSES OF THIS DISCLAIMER) +# HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH RESPECT TO THIS SHELL SCRIPT +# SOFTWARE AND SERVICES, EITHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT +# NOT LIMITED TO, THE IMPLIED WARRANTIES AND/OR CONDITIONS OF +# MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, +# ACCURACY, QUIET ENJOYMENT, AND NON-INFRINGEMENT OF THIRD PARTY RIGHTS. +# +# C. THE AUTHOR DOES NOT WARRANT AGAINST INTERFERENCE WITH YOUR ENJOYMENT OF THE +# THE AUTHOR's SOFTWARE AND SERVICES, THAT THE FUNCTIONS CONTAINED IN, OR +# SERVICES PERFORMED OR PROVIDED BY, THIS SHELL SCRIPT WILL MEET YOUR +# REQUIREMENTS, THAT THE OPERATION OF THIS SHELL SCRIPT OR SERVICES WILL +# BE UNINTERRUPTED OR ERROR-FREE, THAT ANY SERVICES WILL CONTINUE TO BE MADE +# AVAILABLE, THAT THIS SHELL SCRIPT OR SERVICES WILL BE COMPATIBLE OR +# WORK WITH ANY THIRD PARTY SOFTWARE, APPLICATIONS OR THIRD PARTY SERVICES, +# OR THAT DEFECTS IN THIS SHELL SCRIPT OR SERVICES WILL BE CORRECTED. +# INSTALLATION OF THIS THE AUTHOR SOFTWARE MAY AFFECT THE USABILITY OF THIRD +# PARTY SOFTWARE, APPLICATIONS OR THIRD PARTY SERVICES. +# +# D. YOU FURTHER ACKNOWLEDGE THAT THIS SHELL SCRIPT AND SERVICES ARE NOT +# INTENDED OR SUITABLE FOR USE IN SITUATIONS OR ENVIRONMENTS WHERE THE FAILURE +# OR TIME DELAYS OF, OR ERRORS OR INACCURACIES IN, THE CONTENT, DATA OR +# INFORMATION PROVIDED BY THIS SHELL SCRIPT OR SERVICES COULD LEAD TO +# DEATH, PERSONAL INJURY, OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE, +# INCLUDING WITHOUT LIMITATION THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT +# NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CONTROL, LIFE SUPPORT OR +# WEAPONS SYSTEMS. +# +# E. NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY THE AUTHOR +# SHALL CREATE A WARRANTY. SHOULD THIS SHELL SCRIPT OR SERVICES PROVE DEFECTIVE, +# YOU ASSUME THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. +# +# Limitation of Liability. +# F. TO THE EXTENT NOT PROHIBITED BY APPLICABLE LAW, IN NO EVENT SHALL THE AUTHOR +# BE LIABLE FOR PERSONAL INJURY, OR ANY INCIDENTAL, SPECIAL, INDIRECT OR +# CONSEQUENTIAL DAMAGES WHATSOEVER, INCLUDING, WITHOUT LIMITATION, DAMAGES +# FOR LOSS OF PROFITS, CORRUPTION OR LOSS OF DATA, FAILURE TO TRANSMIT OR +# RECEIVE ANY DATA OR INFORMATION, BUSINESS INTERRUPTION OR ANY OTHER +# COMMERCIAL DAMAGES OR LOSSES, ARISING OUT OF OR RELATED TO YOUR USE OR +# INABILITY TO USE THIS SHELL SCRIPT OR SERVICES OR ANY THIRD PARTY +# SOFTWARE OR APPLICATIONS IN CONJUNCTION WITH THIS SHELL SCRIPT OR +# SERVICES, HOWEVER CAUSED, REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, +# TORT OR OTHERWISE) AND EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION +# OR LIMITATION OF LIABILITY FOR PERSONAL INJURY, OR OF INCIDENTAL OR +# CONSEQUENTIAL DAMAGES, SO THIS LIMITATION MAY NOT APPLY TO YOU. In no event +# shall THE AUTHOR's total liability to you for all damages (other than as may +# be required by applicable law in cases involving personal injury) exceed +# the amount of five dollars ($5.00). The foregoing limitations will apply +# even if the above stated remedy fails of its essential purpose. +################################################################################ + +ulimit -t 1200 +PATH="/bin:/sbin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:${PATH}" +LANG=${LANG:-"en_US"} +LC_ALL="${LANG:1:5}.utf-8" +umask 127 + +LOCK_FILE="${TMPDIR:-/tmp}/org.pak.tests.scripts.code-climate.lock" +EXIT_CODE=0 + +test -x $(command -v grep) || exit 126 ; +test -x $(command -v curl) || exit 126 ; +hash -p ./.github/tool_shlock_helper.sh shlock || exit 255 ; +test -x "$(command -v shlock)" || exit 126 ; +test -x $(command -v gpgv) || exit 126 ; +test -x $(command -v shasum) || exit 126 ; + +# sorry no windows support here +if [[ $( \uname -s ) == "*arwin" ]] ; then + CI_OS="darwin" +else + CI_OS="linux" +fi + +function cleanup() { + rm -f ${LOCK_FILE} 2>/dev/null || true ; wait ; + rm -f ./test-reporter-latest-*-amd64.SHA*.sig 2>/dev/null || true ; wait ; + hash -d shlock 2>/dev/null > /dev/null || true ; +} + +if [[ ( $(shlock -f ${LOCK_FILE} -p $$ ) -eq 0 ) ]] ; then + trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 129 ;' SIGHUP || EXIT_CODE=129 + trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 143 ;' SIGTERM || EXIT_CODE=143 + trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 131 ;' SIGQUIT || EXIT_CODE=131 + # SC2173 - https://github.com/koalaman/shellcheck/wiki/SC2173 + #trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 1 ;' SIGSTOP || EXIT_CODE=7 + trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 130 ;' SIGINT || EXIT_CODE=130 + trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true || true ; wait ; exit 137 ;' SIGABRT || EXIT_CODE=137 + trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit ${EXIT_CODE} ;' EXIT || EXIT_CODE=1 + trap 'cleanup ; wait ; exit ${EXIT_CODE} ;' EXIT || EXIT_CODE=1 +else + echo "CodeCov already in progress by "`head ${LOCK_FILE}` ; + false ; + exit 126 ; +fi + +# this is how test files are found: + +# THIS IS THE ACTUAL TEST DIR USED (update _TEST_ROOT_DIR as needed) +_TEST_ROOT_DIR="./" ; +if [[ -d ./.git ]] ; then + _TEST_ROOT_DIR="./" ; +elif [[ -d ./tests ]] ; then + _TEST_ROOT_DIR="./" ; +else + echo "FAIL: missing valid folder or file" + EXIT_CODE=1 +fi + +# This File MUST BE GIT-IGNORED +# to be SAFELY USED to store Tokens and env vars (update logic as needed) +if [[ ( -r ./codecov_env ) ]] ; then + source ./codecov_env 2>/dev/null || true ; +fi + + +######################### +# actual Work starts here +######################### +curl -fLso ./test-reporter-latest-${CI_OS:-linux}-amd64 https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64 ; +for i in 1 256 512 ; do + curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}" ; wait ; + curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig" ; wait ; + # test sha1/sha512 signatures if found and sha256 even if not found + if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} ) ]] || [[ ( ${i} -eq 256 ) ]] ; then + if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig ) ]] ; then + # configure your CI evironment to trust the key at ???? + # FP: KEY FP + # OR... + # Set CI=true to continue on missing keys + gpgv test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} || ${CI} || EXIT_CODE=126 + rm -vf codecov.SHA${i}SUM.sig 2>/dev/null ; + fi + shasum -a $i -c --ignore-missing test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} || EXIT_CODE=126 + rm -vf test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} 2>/dev/null ; + fi +done + +if [[ ( ${EXIT_CODE} -eq 0 ) ]] ; then + mv -f test-reporter-latest-${CI_OS:-linux}-amd64 ./cc-test-reporter 2>/dev/null || EXIT_CODE=126 + chmod -v 751 ./cc-test-reporter || EXIT_CODE=126 +fi + +if [[ ( ${EXIT_CODE} -eq 0 ) ]] ; then + ./cc-test-reporter || EXIT_CODE=10 ; +fi + + +unset _TEST_ROOT_DIR 2>/dev/null || true ; + +rm -f ./test-reporter-latest-*-amd64.SHA* 2>/dev/null > /dev/null || true ; wait ; +rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; + +# goodbye +exit ${EXIT_CODE:-255} ; From 86f5dcd6328fe904b69b4061fd0045ca65852ba8 Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Sat, 7 Sep 2024 00:50:55 -0700 Subject: [PATCH 5/9] [REGRESSION] chmod 755 new tool :hear_no_evil: (- WIP #40 -) --- tests/fetch_cc-test-reporter | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 tests/fetch_cc-test-reporter diff --git a/tests/fetch_cc-test-reporter b/tests/fetch_cc-test-reporter old mode 100644 new mode 100755 From a53dd67e297e8ce94ce7ed7f3c3c4315082e273d Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Sat, 7 Sep 2024 21:47:57 -0700 Subject: [PATCH 6/9] [STYLE] numerous style fixes to satisfy shellcheck and improve consistancy (- WIP #74 -) --- .github/workflows/Tests.yml | 54 ++++++++++++++++++------------------ tests/fetch_cc-test-reporter | 49 +++++++++++++++++--------------- 2 files changed, 54 insertions(+), 49 deletions(-) diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index 0824f03..952e485 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -95,7 +95,7 @@ jobs: run: | python -m pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" pip install -r ./requirements.txt - pip install --user -r ./test-requirements.txt || true + pip install -r ./test-requirements.txt || true - name: Pre-build id: bootstrap run: | @@ -153,7 +153,7 @@ jobs: - name: Install dependencies for ${{ matrix.python-version }} run: | pip install -r ./requirements.txt - pip install --user -r ./test-requirements.txt || true + pip install -r ./test-requirements.txt || true - name: Pre-Clean id: clean run: make -j1 -f Makefile clean || true ; @@ -201,16 +201,16 @@ jobs: run: | pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" pip install -r ./requirements.txt - pip install --user -r ./test-requirements.txt || true + pip install -r ./test-requirements.txt || true - name: Install code-climate tools for ${{ matrix.python-version }} - if: ${{ runner.os }} != "Linux" + if: runner.os != "Linux" shell: bash - run: if [ $OS == macos-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; + run: if [ "$OS" == "macos-latest" ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; - name: Install deepsource tools for ${{ matrix.python-version }} - if: ${{ runner.os }} == "Linux" + if: runner.os == "Linux" shell: bash run: | - if [ $OS == ubuntu-latest ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ; + if [ "$OS" == "ubuntu-latest" ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ; - name: Pre-Clean id: clean run: make -j1 -f Makefile clean || true ; @@ -237,15 +237,15 @@ jobs: path: ./test-reports/ if-no-files-found: ignore - name: code-climate for ${{ matrix.python-version }} - if: ${{ runner.os }} != "Linux" + if: $runner.os != "Linux" shell: bash run: | - if [ $OS == macos-latest ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; + if [ "$OS" == "macos-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; - name: deepsource for ${{ matrix.python-version }} - if: ${{ runner.os }} == "Linux" + if: runner.os == "Linux" shell: bash run: | - if [ $OS == ubuntu-latest ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ; + if [ "$OS" == "ubuntu-latest" ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ; - name: Post-Clean id: post run: make -j1 -f Makefile clean || true ; @@ -280,24 +280,24 @@ jobs: run: | pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ; pip install -r ./requirements.txt ; - pip install --user -r ./test-requirements.txt || true ; + pip install -r ./test-requirements.txt || true ; - name: Install code-climate tools for ${{ matrix.python-version }} - if: ${{ runner.os }} == "Linux" + if: runner.os == "Linux" shell: bash - run: if [ $OS == ubuntu-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; + run: if [ "$OS" == "ubuntu-latest" ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; - name: Install deepsource tools for ${{ matrix.python-version }} - if: ${{ runner.os }} == "Linux" + if: runner.os == "Linux" shell: bash run: | - if [ $OS == ubuntu-latest ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ; + if [ "$OS" == "ubuntu-latest" ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ; - name: Pre-Clean id: clean run: make -j1 -f Makefile clean || true ; - name: Generate Coverage for py3.9 on ${{ matrix.os }} - if: ${{ runner.python-version }} == "3.9" + if: runner.python-version == "3.9" run: make -f Makefile test ; - name: Generate Coverage for py${{ matrix.python-version }} on ${{ matrix.os }} - if: ${{ runner.python-version }} != "3.9" + if: runner.python-version != "3.9" run: make -f Makefile test-pytest ; - name: Upload Python ${{ matrix.python-version }} coverage to Codecov uses: codecov/codecov-action@v4 @@ -316,15 +316,15 @@ jobs: path: ./test-reports/ if-no-files-found: ignore - name: code-climate for ${{ matrix.python-version }} - if: ${{ runner.os }} == "Linux" + if: runner.os == "Linux" shell: bash run: | - if [ $OS == ubuntu-latest ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; + if [ "$OS" == "ubuntu-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; - name: deepsource for ${{ matrix.python-version }} - if: ${{ runner.os }} == "Linux" + if: runner.os == "Linux" shell: bash run: | - if [ $OS == ubuntu-latest ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ; + if [ "$OS" == "ubuntu-latest" ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ; - name: Post-Clean id: post run: make -j1 -f Makefile clean || true ; @@ -350,7 +350,7 @@ jobs: run: | pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ; pip install -r ./requirements.txt ; - pip install --user -r ./test-requirements.txt || true ; + pip install -r ./test-requirements.txt || true ; - name: Pre-Clean id: clean run: make -j1 -f Makefile clean || true ; @@ -394,7 +394,7 @@ jobs: run: | pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" ; pip install -r ./requirements.txt ; - pip install --user -r ./test-requirements.txt || true ; + pip install -r ./test-requirements.txt || true ; - name: Install code-climate tools for ${{ matrix.python-version }} if: ${{ runner.os }} != "Linux" run: if [ $OS == macos-latest ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; @@ -430,9 +430,9 @@ jobs: path: ./test-reports/ if-no-files-found: ignore - name: code-climate for ${{ matrix.python-version }} - if: ${{ runner.os }} != "Linux" + if: runner.os != "Linux" run: | - if [ $OS == macos-latest ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; + if [ "$OS" == "macos-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; - name: Post-purge id: post-uninstall run: make -j1 -f Makefile purge || true ; @@ -463,7 +463,7 @@ jobs: run: | pip install --upgrade "pip>=21.0" "setuptools>=45.0" "wheel>=0.37" "tox>=3.0"; pip install -r ./requirements.txt ; - pip install --user -r ./test-requirements.txt || true ; + pip install -r ./test-requirements.txt || true ; - name: Pre-Clean id: clean run: make -j1 -f Makefile clean || true ; diff --git a/tests/fetch_cc-test-reporter b/tests/fetch_cc-test-reporter index 7aed037..c84b235 100755 --- a/tests/fetch_cc-test-reporter +++ b/tests/fetch_cc-test-reporter @@ -69,27 +69,28 @@ umask 127 LOCK_FILE="${TMPDIR:-/tmp}/org.pak.tests.scripts.code-climate.lock" EXIT_CODE=0 -test -x $(command -v grep) || exit 126 ; -test -x $(command -v curl) || exit 126 ; +test -x "$(command -v grep)" || exit 126 ; +test -x "$(command -v curl)" || exit 126 ; hash -p ./.github/tool_shlock_helper.sh shlock || exit 255 ; test -x "$(command -v shlock)" || exit 126 ; -test -x $(command -v gpgv) || exit 126 ; -test -x $(command -v shasum) || exit 126 ; +test -x "$(command -v gpgv)" || exit 126 ; +test -x "$(command -v shasum)" || exit 126 ; # sorry no windows support here -if [[ $( \uname -s ) == "*arwin" ]] ; then +if [[ $( command uname -s ) == *arwin ]] ; then CI_OS="darwin" else CI_OS="linux" fi function cleanup() { - rm -f ${LOCK_FILE} 2>/dev/null || true ; wait ; + rm -f "${LOCK_FILE}" 2>/dev/null || true ; wait ; rm -f ./test-reporter-latest-*-amd64.SHA*.sig 2>/dev/null || true ; wait ; + rm -f ./test-reporter-latest-*-amd64.SHA* 2>/dev/null > /dev/null || true ; wait ; hash -d shlock 2>/dev/null > /dev/null || true ; } -if [[ ( $(shlock -f ${LOCK_FILE} -p $$ ) -eq 0 ) ]] ; then +if [[ ( $(shlock -f "${LOCK_FILE}" -p $$ ) -eq 0 ) ]] ; then trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 129 ;' SIGHUP || EXIT_CODE=129 trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 143 ;' SIGTERM || EXIT_CODE=143 trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit 131 ;' SIGQUIT || EXIT_CODE=131 @@ -100,7 +101,8 @@ if [[ ( $(shlock -f ${LOCK_FILE} -p $$ ) -eq 0 ) ]] ; then trap 'cleanup 2>/dev/null || rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; exit ${EXIT_CODE} ;' EXIT || EXIT_CODE=1 trap 'cleanup ; wait ; exit ${EXIT_CODE} ;' EXIT || EXIT_CODE=1 else - echo "CodeCov already in progress by "`head ${LOCK_FILE}` ; + # shellcheck disable=SC2046 + printf "\t%s\n" "CodeClimate already in progress by "$(head "${LOCK_FILE}") >&2 ; false ; exit 126 ; fi @@ -114,13 +116,14 @@ if [[ -d ./.git ]] ; then elif [[ -d ./tests ]] ; then _TEST_ROOT_DIR="./" ; else - echo "FAIL: missing valid folder or file" + printf "%s\n" "FAIL: missing valid folder or file" EXIT_CODE=1 fi # This File MUST BE GIT-IGNORED # to be SAFELY USED to store Tokens and env vars (update logic as needed) if [[ ( -r ./codecov_env ) ]] ; then + # shellcheck disable=SC2086,SC1091 source ./codecov_env 2>/dev/null || true ; fi @@ -130,20 +133,23 @@ fi ######################### curl -fLso ./test-reporter-latest-${CI_OS:-linux}-amd64 https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64 ; for i in 1 256 512 ; do - curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}" ; wait ; - curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig" ; wait ; + curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}" ; wait ; + curl -fLso test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig "https://codeclimate.com/downloads/test-reporter/test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig" ; wait ; # test sha1/sha512 signatures if found and sha256 even if not found - if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} ) ]] || [[ ( ${i} -eq 256 ) ]] ; then - if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig ) ]] ; then - # configure your CI evironment to trust the key at ???? - # FP: KEY FP + if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} ) ]] || [[ ( ${i} -eq 256 ) ]] ; then + if [[ ${i} -eq 1 ]]; then + printf "%s\n" "WARNING: SHA-1 is deprecated and should be avoided when possible. Consider using SHA-256 or SHA-512 for stronger integrity checks. (CWE-327: Use of a Broken or Risky Cryptographic Algorithm)" + fi + if [[ ( -r test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig ) ]] ; then + # configure your CI evironment to trust the key at gpg --keyserver keys.openpgp.org --recv-keys 9BD9E2DD46DA965A537E5B0A5CBF320243B6FD85 + # FP: KEY FP 9BD9 E2DD 46DA 965A 537E 5B0A 5CBF 3202 43B6 FD85 # OR... # Set CI=true to continue on missing keys - gpgv test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i}.sig test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} || ${CI} || EXIT_CODE=126 - rm -vf codecov.SHA${i}SUM.sig 2>/dev/null ; + gpg --verify test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} || ${CI} || EXIT_CODE=126 + rm -vf test-reporter-latest-${CI_OS:-linux}-amd64.sha${i}.sig 2>/dev/null ; fi - shasum -a $i -c --ignore-missing test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} || EXIT_CODE=126 - rm -vf test-reporter-latest-${CI_OS:-linux}-amd64.SHA${i} 2>/dev/null ; + shasum -a $i -c --ignore-missing test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} || EXIT_CODE=126 + rm -vf test-reporter-latest-${CI_OS:-linux}-amd64.sha${i} 2>/dev/null ; fi done @@ -153,14 +159,13 @@ if [[ ( ${EXIT_CODE} -eq 0 ) ]] ; then fi if [[ ( ${EXIT_CODE} -eq 0 ) ]] ; then - ./cc-test-reporter || EXIT_CODE=10 ; + ./cc-test-reporter before-build || EXIT_CODE=10 ; fi unset _TEST_ROOT_DIR 2>/dev/null || true ; -rm -f ./test-reporter-latest-*-amd64.SHA* 2>/dev/null > /dev/null || true ; wait ; -rm -f ${LOCK_FILE} 2>/dev/null > /dev/null || true ; wait ; +cleanup 2>/dev/null || rm -f "${LOCK_FILE}" 2>/dev/null > /dev/null || true ; wait ; # goodbye exit ${EXIT_CODE:-255} ; From e07e30198f55a98718c595f516f6362347b75359 Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Sat, 7 Sep 2024 21:55:21 -0700 Subject: [PATCH 7/9] [REGRESSION] fix syntax by reverting (- WIP #74 -) --- .github/workflows/Tests.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index 952e485..d0f392a 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -203,11 +203,11 @@ jobs: pip install -r ./requirements.txt pip install -r ./test-requirements.txt || true - name: Install code-climate tools for ${{ matrix.python-version }} - if: runner.os != "Linux" + if: ${{ runner.os }} != "Linux" shell: bash run: if [ "$OS" == "macos-latest" ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; - name: Install deepsource tools for ${{ matrix.python-version }} - if: runner.os == "Linux" + if: ${{ runner.os }} == "Linux" shell: bash run: | if [ "$OS" == "ubuntu-latest" ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ; @@ -242,7 +242,7 @@ jobs: run: | if [ "$OS" == "macos-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; - name: deepsource for ${{ matrix.python-version }} - if: runner.os == "Linux" + if: ${{ runner.os }} == "Linux" shell: bash run: | if [ "$OS" == "ubuntu-latest" ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ; @@ -282,11 +282,11 @@ jobs: pip install -r ./requirements.txt ; pip install -r ./test-requirements.txt || true ; - name: Install code-climate tools for ${{ matrix.python-version }} - if: runner.os == "Linux" + if: ${{ runner.os }} == "Linux" shell: bash run: if [ "$OS" == "ubuntu-latest" ] ; then ./tests/fetch_cc-test-reporter || true ; fi ; - name: Install deepsource tools for ${{ matrix.python-version }} - if: runner.os == "Linux" + if: ${{ runner.os }} == "Linux" shell: bash run: | if [ "$OS" == "ubuntu-latest" ] ; then (curl https://deepsource.io/cli | sh) || true ; else echo "SKIP deepsource" ; fi ; @@ -316,12 +316,12 @@ jobs: path: ./test-reports/ if-no-files-found: ignore - name: code-climate for ${{ matrix.python-version }} - if: runner.os == "Linux" + if: ${{ runner.os }} == "Linux" shell: bash run: | if [ "$OS" == "ubuntu-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; - name: deepsource for ${{ matrix.python-version }} - if: runner.os == "Linux" + if: ${{ runner.os }} == "Linux" shell: bash run: | if [ "$OS" == "ubuntu-latest" ] ; then ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml 2>/dev/null || true ; else echo "SKIP deepsource" ; fi ; @@ -430,7 +430,7 @@ jobs: path: ./test-reports/ if-no-files-found: ignore - name: code-climate for ${{ matrix.python-version }} - if: runner.os != "Linux" + if: ${{ runner.os }} != "Linux" run: | if [ "$OS" == "macos-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; - name: Post-purge From 590cbdf68db0c146c057a3b038ee4186904fed8e Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Sat, 7 Sep 2024 21:58:32 -0700 Subject: [PATCH 8/9] [REGRESSION] fix syntax by reverting - OPS MISSED ON (- WIP #74 -) --- .github/workflows/Tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index d0f392a..e2dbf4c 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -237,7 +237,7 @@ jobs: path: ./test-reports/ if-no-files-found: ignore - name: code-climate for ${{ matrix.python-version }} - if: $runner.os != "Linux" + if: ${{ runner.os }} != "Linux" shell: bash run: | if [ "$OS" == "macos-latest" ] ; then ./cc-test-reporter after-build --exit-code 0 || true ; else echo "SKIP code climate" ; fi ; From 4cdc90017c1356a7e703ebdba6a99dc77631b11c Mon Sep 17 00:00:00 2001 From: "Mr. Walls" Date: Sat, 7 Sep 2024 22:00:47 -0700 Subject: [PATCH 9/9] [REGRESSION] fix syntax by reverting - back to a working CI (- WIP #74 -) --- .github/workflows/Tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index e2dbf4c..19ee8d5 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -294,10 +294,10 @@ jobs: id: clean run: make -j1 -f Makefile clean || true ; - name: Generate Coverage for py3.9 on ${{ matrix.os }} - if: runner.python-version == "3.9" + if: ${{ runner.python-version }} == "3.9" run: make -f Makefile test ; - name: Generate Coverage for py${{ matrix.python-version }} on ${{ matrix.os }} - if: runner.python-version != "3.9" + if: ${{ runner.python-version }} != "3.9" run: make -f Makefile test-pytest ; - name: Upload Python ${{ matrix.python-version }} coverage to Codecov uses: codecov/codecov-action@v4