Merge branch 'master' into dorian/lint-compare

Author: dorian-writes-code

Makefile.circle

@@ -107,6 +107,7 @@ save:
 # - spinnaker pipeline: https://spinnaker.codecov.dev/?to=https%3A%2F%2Fspinnaker.codecov.dev%2F%23%2Fsearch#/applications/codecov-staging/executions?pipeline=api
 # - staging url: https://stage-api.codecov.dev
 staging:
+	docker load -i app.tar
 	docker tag "${GCR_REPO}:${VERSION}" "${GCR_REPO}:staging-${VERSION}"
 	docker push ${GCR_REPO}:staging-${VERSION}
 

codecov/settings_base.py

@@ -228,3 +228,5 @@
 
 IS_ENTERPRISE = get_settings_module() == SettingsModule.ENTERPRISE.value
 IS_DEV = get_settings_module() == SettingsModule.DEV.value
+DATA_UPLOAD_MAX_MEMORY_SIZE = get_config("setup", "http", "upload_max_memory_size", default=2621440)
+FILE_UPLOAD_MAX_MEMORY_SIZE = get_config("setup", "http", "file_upload_max_memory_size", default=2621440)

codecov/urls.py

@@ -28,7 +28,7 @@
         "<str:service>/<str:owner_username>/<str:repo_name>/",
         include("graphs.urls"),
     ),
-    path("upload/<str:version>", include("upload.urls")),
+    path("upload/", include("upload.urls")),
 ]
 
 if not settings.IS_ENTERPRISE:

codecov_auth/admin.py

@@ -21,7 +21,7 @@ def impersonate_owner(self, request, queryset):
         "staff_user",
         owner.username,
         domain=settings.COOKIES_DOMAIN,
-        samesite="Strict",
+        samesite="Lax",
     )
     return response
 

codecov_auth/commands/owner/interactors/fetch_owner.py

@@ -0,0 +1,8 @@
+from asgiref.sync import sync_to_async
+from codecov.commands.base import BaseInteractor
+from codecov_auth.models import Owner
+
+class FetchOwnerInteractor(BaseInteractor):
+    @sync_to_async
+    def execute(self, username):
+        return Owner.objects.filter(username=username, service=self.service).first()

codecov_auth/commands/owner/owner.py

@@ -5,6 +5,7 @@
 from .interactors.set_yaml_on_owner import SetYamlOnOwnerInteractor
 from .interactors.delete_session import DeleteSessionInteractor
 from .interactors.update_profile import UpdateProfileInteractor
+from .interactors.fetch_owner import FetchOwnerInteractor
 
 
 class OwnerCommands(BaseCommand):
@@ -19,3 +20,6 @@ def set_yaml_on_owner(self, username, yaml):
 
     def update_profile(self, **kwargs):
         return self.get_interactor(UpdateProfileInteractor).execute(**kwargs)
+
+    def fetch_owner(self, username):
+        return self.get_interactor(FetchOwnerInteractor).execute(username)

codecov_auth/views/base.py

@@ -101,15 +101,15 @@ def _set_proper_cookies_and_session(self, user, request, response):
             domain=domain_to_use,
             httponly=True,
             secure=True,
-            samesite="Strict",
+            samesite="Lax",
         )
         response.set_cookie(
             f"{self.service}-username",
             user.username,
             domain=domain_to_use,
             httponly=True,
             secure=True,
-            samesite="Strict",
+            samesite="Lax",
         )
 
     def _check_user_count_limitations(self):

codecov_auth/views/logout.py

@@ -22,6 +22,12 @@ def logout_view(request, service):
     response = redirect("/")
     delete_session(request, service_name)
     logout(request)
+    kwargs_cookie = dict(domain=settings.COOKIES_DOMAIN, samesite="Lax")
+    response.delete_cookie("staff_user", **kwargs_cookie)
+    response.delete_cookie(f"{service_name}-username", **kwargs_cookie)
+    response.delete_cookie(f"{service_name}-token", **kwargs_cookie)
+    # temporary as we use to set cookie to Strict SameSite; but we need Lax
+    # So we need delete in both samesite Strict / Lax for a little while
     kwargs_cookie = dict(domain=settings.COOKIES_DOMAIN, samesite="Strict")
     response.delete_cookie("staff_user", **kwargs_cookie)
     response.delete_cookie(f"{service_name}-username", **kwargs_cookie)

enterprise/generate_pyinstaller_args.py

@@ -82,7 +82,9 @@ def main():
             "whitenoise.middleware",
             "graphql_api",
             "legacy_migrations",
-            "shared.celery_config"
+            "legacy_migrations.migrations",
+            "shared.celery_config",
+            "kombu.transport.pyamqp"
         ]
     )
 

enterprise/hooks/hook-core.py

@@ -1,3 +1,3 @@
 from PyInstaller.utils.hooks import collect_submodules, collect_data_files
 
-datas = collect_data_files("core", include_py_files=True, subdir="migrations")
+datas = collect_data_files("core", include_py_files=True, subdir="migrations") + collect_data_files("legacy_migrations", include_py_files=True, subdir="migrations")

reports/models.py

@@ -1,5 +1,7 @@
 import uuid
 
+from django.urls import reverse
+
 from django.db import models
 from django.contrib.postgres.fields import ArrayField
 
@@ -98,12 +100,17 @@ class Meta:
     @property
     def download_url(self):
         repository = self.report.commit.repository
-        owner = repository.author
-        short_service = get_short_service_name(owner.service)
-        path_download = (
-            f"/api/{short_service}/{owner.username}/{repository.name}/download/build"
+        return (
+            reverse(
+                "upload-download",
+                kwargs={
+                    "service": get_short_service_name(repository.author.service),
+                    "owner_username": repository.author.username,
+                    "repo_name": repository.name,
+                },
+            )
+            + f"?path={self.storage_path}"
         )
-        return f"{path_download}?path={self.storage_path}"
 
     @property
     def ci_url(self):

reports/tests/test_models.py

@@ -14,7 +14,7 @@ def test_get_download_url(self):
         repository = session.report.commit.repository
         assert (
             session.download_url
-            == f"/api/gh/{repository.author.username}/{repository.name}/download/build?path={storage_path}"
+            == f"/upload/gh/{repository.author.username}/{repository.name}/download?path={storage_path}"
         )
 
     def test_ci_url_when_no_provider(self):

upload/tests/test_upload.py

@@ -944,6 +944,19 @@ def _post(
         url = reverse("upload-handler", kwargs=kwargs) + query_string
         return self.client.post(url, data=data, content_type=content_type, **headers)
 
+    def _post_slash(
+        self,
+        kwargs=None,
+        data=None,
+        query=None,
+        content_type="application/json",
+        headers=None,
+    ):
+        headers = headers or {}
+        query_string = f"?{urlencode(query)}" if query else ""
+        url = "/upload/v2/" + query_string
+        return self.client.post(url, data=data, content_type=content_type, **headers)
+
     def setUp(self):
         self.org = G(Owner, username="codecovtest", service="github")
         self.repo = G(
@@ -1067,6 +1080,85 @@ async def get_commit(self, commit, token):
             == "https://codecov.io/github/codecovtest/upload-test-repo/commit/b521e55aef79b101f48e2544837ca99a7fa3bf6b"
         )
 
+    @patch("upload.views.get_redis_connection")
+    @patch("upload.views.uuid4")
+    @patch("upload.views.dispatch_upload_task")
+    @patch("services.repo_providers.RepoProviderService.get_adapter")
+    def test_successful_upload_v2_slash(
+        self,
+        mock_repo_provider_service,
+        mock_dispatch_upload,
+        mock_uuid4,
+        mock_get_redis,
+    ):
+        class MockRepoProviderAdapter:
+            async def get_commit(self, commit, token):
+                return {"message": "This is not a merge commit"}
+
+        mock_get_redis.return_value = MockRedis()
+        mock_repo_provider_service.return_value = MockRepoProviderAdapter()
+        mock_uuid4.return_value = (
+            "dec1f00b-1883-40d0-afd6-6dcb876510be"  # this will be the reportid
+        )
+
+        query_params = {
+            "commit": "b521e55aef79b101f48e2544837ca99a7fa3bf6b",
+            "token": "test27s4f3uz3ha9pi0foipg5bqojtrmbt67",
+            "pr": "456",
+            "branch": "",
+            "flags": "",
+            "build_url": "",
+        }
+
+        response = self._post_slash(
+            kwargs={"version": "v2"}, query=query_params, data="coverage report"
+        )
+
+        assert response.status_code == 200
+
+        headers = response._headers
+
+        assert headers["access-control-allow-origin"] == (
+            "Access-Control-Allow-Origin",
+            "*",
+        )
+        assert headers["access-control-allow-headers"] == (
+            "Access-Control-Allow-Headers",
+            "Origin, Content-Type, Accept, X-User-Agent",
+        )
+        assert headers["content-type"] != (
+            "Content-Type",
+            "text/plain",
+        )
+
+        assert mock_dispatch_upload.call_args[0][0] == {
+            "commit": "b521e55aef79b101f48e2544837ca99a7fa3bf6b",
+            "token": "test27s4f3uz3ha9pi0foipg5bqojtrmbt67",
+            "pr": "456",
+            "version": "v2",
+            "service": None,
+            "owner": None,
+            "repo": None,
+            "using_global_token": False,
+            "build_url": None,
+            "branch": None,
+            "reportid": "dec1f00b-1883-40d0-afd6-6dcb876510be",
+            "redis_key": "upload/b521e55/dec1f00b-1883-40d0-afd6-6dcb876510be/plain",
+            "url": None,
+            "branch": None,
+            "job": None,
+        }
+
+        result = loads(response.content)
+        assert result["message"] == "Coverage reports upload successfully"
+        assert result["uploaded"] == True
+        assert result["queued"] == True
+        assert result["id"] == "dec1f00b-1883-40d0-afd6-6dcb876510be"
+        assert (
+            result["url"]
+            == "https://codecov.io/github/codecovtest/upload-test-repo/commit/b521e55aef79b101f48e2544837ca99a7fa3bf6b"
+        )
+
     @patch("services.storage.MINIO_CLIENT.presigned_put_object")
     @patch("services.archive.ArchiveService.get_archive_hash")
     @patch("upload.views.get_redis_connection")

upload/tests/test_upload_download.py

@@ -0,0 +1,111 @@
+import minio
+from ddf import G
+from unittest.mock import patch
+from core.models import Repository
+from codecov_auth.models import Owner
+from rest_framework.reverse import reverse
+from rest_framework.test import APITestCase
+
+
+class UploadDownloadHelperTest(APITestCase):
+    def _get(self, kwargs={}, data={}):
+        path = f"/upload/{kwargs.get('service')}/{kwargs.get('owner_username')}/{kwargs.get('repo_name')}/download"
+        return self.client.get(path, data=data)
+
+    def setUp(self):
+        self.org = G(Owner, username="codecovtest", service="github")
+        self.repo = G(
+            Repository,
+            author=self.org,
+            name="upload-test-repo",
+            upload_token="test27s4f3uz3ha9pi0foipg5bqojtrmbt67",
+        )
+        self.repo = G(
+            Repository, author=self.org, name="private-upload-test-repo", private=True
+        )
+
+    def test_no_path_param(self):
+        response = self._get()
+        assert response.status_code == 404
+
+    def test_invalid_path_param(self):
+        response = self._get(data={"path": "v2"})
+        assert response.status_code == 404
+
+    def test_invalid_owner(self):
+        response = self._get(
+            kwargs={
+                "service": "gh",
+                "owner_username": "invalid",
+                "repo_name": "invalid",
+            },
+            data={"path": "v4/raw"},
+        )
+        assert response.status_code == 404
+
+    def test_invalid_repo(self):
+        response = self._get(
+            kwargs={
+                "service": "gh",
+                "owner_username": "codecovtest",
+                "repo_name": "invalid",
+            },
+            data={"path": "v4/raw"},
+        )
+        assert response.status_code == 404
+
+    @patch("services.archive.ArchiveService.get_archive_hash")
+    @patch("services.archive.ArchiveService.read_file")
+    def test_invalid_archive_path(self, read_file, get_archive_hash):
+        read_file.side_effect = [minio.error.NoSuchKey]
+        get_archive_hash.return_value = "path"
+        response = self._get(
+            kwargs={
+                "service": "gh",
+                "owner_username": "codecovtest",
+                "repo_name": "upload-test-repo",
+            },
+            data={"path": "v4/raw/path"},
+        )
+        assert response.status_code == 404
+
+    @patch("services.archive.ArchiveService.get_archive_hash")
+    @patch("services.archive.ArchiveService.read_file")
+    def test_valid_repo_archive_path(self, mock_read_file, get_archive_hash):
+        mock_read_file.return_value = "Report!"
+        get_archive_hash.return_value = "hasssshhh"
+        response = self._get(
+            kwargs={
+                "service": "gh",
+                "owner_username": "codecovtest",
+                "repo_name": "upload-test-repo",
+            },
+            data={"path": "v4/raw/hasssshhh"},
+        )
+        assert response.status_code == 200
+        headers = response._headers
+        assert headers["content-type"] == ("Content-Type", "text/plain")
+
+    @patch("services.archive.ArchiveService.read_file")
+    def test_invalid_repo_archive_path(self, mock_read_file):
+        mock_read_file.return_value = "Report!"
+        response = self._get(
+            kwargs={
+                "service": "gh",
+                "owner_username": "codecovtest",
+                "repo_name": "upload-test-repo",
+            },
+            data={"path": "v4/raw"},
+        )
+        assert response.status_code == 404
+
+    def test_private_valid_archive_path(self):
+        response = self._get(
+            kwargs={
+                "service": "gh",
+                "owner_username": "codecovtest",
+                "repo_name": "private-upload-test-repo",
+            },
+            data={"path": "v4/raw"},
+        )
+        assert response.status_code == 404

upload/urls.py

@@ -1,8 +1,13 @@
-from django.urls import re_path
-from .views import UploadHandler
+from django.urls import path, re_path
+from .views import UploadHandler, UploadDownloadHandler
 
 
 urlpatterns = [
     # use regex to make trailing slash optional
-    re_path("^/?", UploadHandler.as_view(), name="upload-handler"),
+    path(
+        "<str:service>/<str:owner_username>/<str:repo_name>/download",
+        UploadDownloadHandler.as_view(),
+        name="upload-download",
+    ),
+    re_path("(?P<version>\w+)/?", UploadHandler.as_view(), name="upload-handler"),
 ]